@warmhub/sdk-ts 0.44.0

package/dist/chunk-PKA25PT7.js

@@ -0,0 +1,4775 @@
+import { TRPCClientError, createTRPCProxyClient, splitLink, httpBatchLink, httpLink } from '@trpc/client';
+
+// src/index.ts
+
+// ../rules/src/builtin-shapes.ts
+var BUILTIN_SHAPE_NAMES = ["Pair", "Triple", "Set", "List"];
+function isBuiltinCollectionShape(name) {
+  return BUILTIN_SHAPE_NAMES.includes(name);
+}
+var BUILTIN_CONTENT_SHAPE_NAMES = ["Content"];
+var STORED_CONTENT_NAMES = ["Readme", "Agents"];
+var SYNTHESIZED_CONTENT_NAMES = ["LlmsTxt"];
+var isContentShape = (s) => s === "Content";
+var isStoredContentName = (n) => STORED_CONTENT_NAMES.includes(n);
+var isSynthesizedContentName = (n) => SYNTHESIZED_CONTENT_NAMES.includes(n);
+function isBuiltinShape(name) {
+  return BUILTIN_SHAPE_NAMES.includes(name) || BUILTIN_CONTENT_SHAPE_NAMES.includes(name);
+}
+
+// ../rules/src/commit-stream-limits.ts
+var DEFAULT_STREAM_APPEND_CHUNK_SIZE = 1e3;
+var MAX_STREAM_APPEND_OPERATION_COUNT = 1e4;
+
+// ../rules/src/commit-types.ts
+function isCollectionAbout(value) {
+  if (typeof value !== "object" || value === null || Array.isArray(value))
+    return false;
+  const record = value;
+  const keys = Object.keys(record);
+  if (keys.length !== 1) return false;
+  const key = keys[0];
+  if (key !== "pair" && key !== "triple" && key !== "set" && key !== "list")
+    return false;
+  return Array.isArray(record[key]);
+}
+function collectionAboutType(about) {
+  if ("pair" in about) return "pair";
+  if ("triple" in about) return "triple";
+  if ("set" in about) return "set";
+  return "list";
+}
+function collectionAboutMembers(about) {
+  if ("pair" in about) return about.pair;
+  if ("triple" in about) return about.triple;
+  if ("set" in about) return about.set;
+  return about.list;
+}
+function splitLocalPath(name) {
+  const idx = name.indexOf("/");
+  if (idx === -1) return null;
+  return { shapePrefix: name.slice(0, idx), bareName: name.slice(idx + 1) };
+}
+
+// ../rules/src/repo-auth-scopes.ts
+var REPO_AUTH_SCOPES = [
+  "repo:read",
+  "repo:write",
+  "repo:configure",
+  "repo:admin"
+];
+
+// ../rules/src/component-manifest-contract.ts
+new Set(REPO_AUTH_SCOPES);
+var PLATFORM_STATUS_STATUSES = [
+  {
+    key: "available",
+    label: "Available",
+    description: "Works as expected."
+  },
+  {
+    key: "degraded",
+    label: "Degraded",
+    description: "Works with known caveats or partial reliability."
+  },
+  {
+    key: "unavailable",
+    label: "Unavailable",
+    description: "Exists in code but is broken or blocked."
+  },
+  {
+    key: "not_yet_built",
+    label: "Not Yet Built",
+    description: "This feature-surface combination does not exist yet."
+  },
+  {
+    key: "unknown",
+    label: "Unknown",
+    description: "Has not been assessed yet."
+  }
+];
+({
+  statuses: [
+    {
+      key: {
+        type: "string",
+        enum: PLATFORM_STATUS_STATUSES.map((status) => status.key),
+        description: "Stable status key."
+      },
+      label: {
+        type: "string",
+        description: "Human-readable label for the status."
+      },
+      description: {
+        type: "string",
+        description: "Human-readable definition of the status."
+      }
+    }
+  ]});
+({
+  status: {
+    enum: PLATFORM_STATUS_STATUSES.map((status) => status.key)},
+  "issueMiningBaseline?": {
+    status: {
+      enum: PLATFORM_STATUS_STATUSES.map((status) => status.key)}}
+});
+({
+  "statusHint?": {
+    enum: PLATFORM_STATUS_STATUSES.map((status) => status.key)}});
+
+// ../rules/src/tokens.ts
+var ALLOC_TOKEN_RE = /\$(\d+)/g;
+var REF_TOKEN_RE = /#(\d+)/g;
+var ANY_TOKEN_RE = /[$#]\d+/;
+function findAllocTokens(s) {
+  const tokens = [];
+  for (const m of s.matchAll(ALLOC_TOKEN_RE)) {
+    tokens.push(Number.parseInt(m[1], 10));
+  }
+  return tokens;
+}
+function findRefTokens(s) {
+  const tokens = [];
+  for (const m of s.matchAll(REF_TOKEN_RE)) {
+    tokens.push(Number.parseInt(m[1], 10));
+  }
+  return tokens;
+}
+function hasAnyTokens(s) {
+  return ANY_TOKEN_RE.test(s);
+}
+
+// ../rules/src/preflight.ts
+var collectionTypes = ["pair", "triple", "set", "list"];
+var collectionOps = ["add", "revise"];
+function preflightOpDiagnostics(op, operationIndex) {
+  const errors = [];
+  errors.push(...builtinShapeGuard(op, operationIndex));
+  errors.push(...contentNameGuard(op, operationIndex));
+  errors.push(...plusSignGuard(op, operationIndex));
+  errors.push(...validateCollectionAbouts(op, operationIndex));
+  errors.push(...validateCollectionOps(op, operationIndex));
+  return errors;
+}
+function builtinShapeGuard(op, operationIndex) {
+  const errors = [];
+  const name = op.name;
+  if (op.kind === "shape" && name && isBuiltinShape(name)) {
+    errors.push({
+      code: "RESERVED_NAME",
+      operationIndex,
+      message: `Shape "${name}" is a built-in shape and cannot be ${op.operation === "add" ? "created" : "revised"} manually`
+    });
+  }
+  if (op.kind === "thing" && name) {
+    const local = splitLocalPath(name);
+    if (local && isBuiltinCollectionShape(local.shapePrefix)) {
+      const message = op.operation === "add" ? `Cannot add kind="thing" under built-in shape "${local.shapePrefix}". Use kind="collection" or the about sugar instead.` : `Cannot revise kind="thing" under built-in shape "${local.shapePrefix}". Collections are immutable.`;
+      errors.push({
+        code: "VALIDATION_ERROR",
+        operationIndex,
+        message
+      });
+    }
+  }
+  return errors;
+}
+function contentNameGuard(op, operationIndex) {
+  if (op.kind !== "thing" || !op.name) return [];
+  const local = splitLocalPath(op.name);
+  if (!local || !isContentShape(local.shapePrefix)) return [];
+  const bareName = local.bareName;
+  if (isSynthesizedContentName(bareName)) {
+    return [
+      {
+        code: "READ_ONLY_BUILTIN_CONTENT",
+        operationIndex,
+        message: `${local.shapePrefix}/${bareName} is synthesized; writes are not allowed`
+      }
+    ];
+  }
+  if (!isStoredContentName(bareName)) {
+    return [
+      {
+        code: "UNKNOWN_CONTENT_NAME",
+        operationIndex,
+        message: `${local.shapePrefix}/${bareName} is not a recognized well-known content name`
+      }
+    ];
+  }
+  return [];
+}
+function plusSignGuard(op, operationIndex) {
+  const errors = [];
+  const name = op.name;
+  if (op.kind === "collection") return errors;
+  if (name?.includes("+")) {
+    const local = splitLocalPath(name);
+    if (local && isBuiltinCollectionShape(local.shapePrefix)) return errors;
+    errors.push({
+      code: "VALIDATION_ERROR",
+      operationIndex,
+      message: `Name "${name}" contains reserved character "+". The "+" character is reserved for collection names.`
+    });
+  }
+  return errors;
+}
+function validateCollectionAbouts(op, operationIndex) {
+  const errors = [];
+  if (!op.about || typeof op.about === "string") return errors;
+  if (!isCollectionAbout(op.about)) {
+    const keys = typeof op.about === "object" && op.about !== null ? Object.keys(op.about) : [];
+    errors.push({
+      code: "VALIDATION_ERROR",
+      operationIndex,
+      message: `Structured about must have exactly one key: pair, triple, set, or list. Got: ${keys.join(", ") || typeof op.about}`
+    });
+    return errors;
+  }
+  const tag = collectionAboutType(op.about);
+  const members = collectionAboutMembers(op.about);
+  for (let i = 0; i < members.length; i++) {
+    if (typeof members[i] !== "string") {
+      errors.push({
+        code: "VALIDATION_ERROR",
+        operationIndex,
+        message: `Collection member at index ${i} must be a string, got ${typeof members[i]}`
+      });
+    }
+  }
+  const arityError = collectionArityError(tag, members);
+  if (arityError) {
+    errors.push({
+      code: "VALIDATION_ERROR",
+      operationIndex,
+      message: arityError
+    });
+  }
+  return errors;
+}
+function validateCollectionOps(op, operationIndex) {
+  const errors = [];
+  if (op.kind !== "collection") return errors;
+  if (!collectionOps.includes(op.operation)) {
+    errors.push({
+      code: "VALIDATION_ERROR",
+      operationIndex,
+      message: `Collection kind only supports "add" or "revise" operation, got "${op.operation}"`
+    });
+    return errors;
+  }
+  if (op.operation === "add") {
+    if (!op.type || !collectionTypes.includes(op.type)) {
+      errors.push({
+        code: "VALIDATION_ERROR",
+        operationIndex,
+        message: `Collection "type" must be one of: pair, triple, set, list. Got: "${op.type ?? ""}"`
+      });
+    }
+    if (!op.members || !Array.isArray(op.members)) {
+      errors.push({
+        code: "VALIDATION_ERROR",
+        operationIndex,
+        message: 'Collection requires a "members" array'
+      });
+    } else {
+      for (let i = 0; i < op.members.length; i++) {
+        if (typeof op.members[i] !== "string") {
+          errors.push({
+            code: "VALIDATION_ERROR",
+            operationIndex,
+            message: `Collection member at index ${i} must be a string`
+          });
+        }
+      }
+    }
+    if (op.type && op.members) {
+      const arityError = collectionArityError(
+        op.type,
+        op.members
+      );
+      if (arityError) {
+        errors.push({
+          code: "VALIDATION_ERROR",
+          operationIndex,
+          message: arityError
+        });
+      }
+    }
+  }
+  return errors;
+}
+function preflightCommitDiagnostics(operations, options) {
+  const errors = [];
+  tokenHygiene(operations, errors);
+  illegalOpSequences(operations, errors);
+  return errors;
+}
+function collectionArityError(tag, members) {
+  switch (tag) {
+    case "pair":
+      return members.length !== 2 ? `Pair requires exactly 2 members, got ${members.length}` : null;
+    case "triple":
+      return members.length !== 3 ? `Triple requires exactly 3 members, got ${members.length}` : null;
+    case "set":
+    case "list":
+      return members.length < 1 ? `${tag === "set" ? "Set" : "List"} requires at least 1 member, got 0` : null;
+  }
+}
+function getOpName(op) {
+  return op.name;
+}
+function collectionAboutMembersOrEmpty(about) {
+  if (about && typeof about !== "string" && isCollectionAbout(about)) {
+    return collectionAboutMembers(about);
+  }
+  return [];
+}
+function tokenStringFields(op) {
+  const fields = [getOpName(op)];
+  if (typeof op.about === "string") {
+    fields.push(op.about);
+  } else {
+    fields.push(...collectionAboutMembersOrEmpty(op.about));
+  }
+  if (op.members) {
+    fields.push(...op.members);
+  }
+  return fields;
+}
+function collectMisusedAllocFields(op) {
+  const result = [];
+  if (op.operation === "add") {
+    if (typeof op.about === "string") {
+      result.push({ value: op.about });
+    }
+    for (const m of collectionAboutMembersOrEmpty(op.about)) {
+      result.push({ value: m, context: "collection member" });
+    }
+    if (op.members) {
+      for (const m of op.members) {
+        result.push({ value: m, context: "collection member" });
+      }
+    }
+  } else {
+    const name = getOpName(op);
+    if (name) {
+      result.push({ value: name });
+    }
+  }
+  return result;
+}
+function tokenHygiene(operations, errors) {
+  let anyTokens = false;
+  for (const op of operations) {
+    for (const f of tokenStringFields(op)) {
+      if (f && hasAnyTokens(f)) {
+        anyTokens = true;
+        break;
+      }
+    }
+    if (anyTokens) break;
+  }
+  if (!anyTokens) return;
+  const allocations = /* @__PURE__ */ new Map();
+  for (let i = 0; i < operations.length; i++) {
+    const op = operations[i];
+    if (!op || op.operation !== "add" || !op.name) continue;
+    const local = splitLocalPath(op.name);
+    if (!local) {
+      const allocs = findAllocTokens(op.name);
+      if (allocs.length > 0) {
+        errors.push({
+          code: "ALLOC_TOKEN_IN_SHAPE_NAME",
+          operationIndex: i,
+          message: `Allocation token $${allocs[0]} not allowed in shape name "${op.name}"`
+        });
+      }
+      continue;
+    }
+    const segments = local.bareName.split("/");
+    const lastSegment = segments[segments.length - 1];
+    const lastSegAllocs = lastSegment ? findAllocTokens(lastSegment) : [];
+    for (let s = 0; s < segments.length - 1; s++) {
+      const seg = segments[s];
+      if (!seg) continue;
+      const earlyAllocs = findAllocTokens(seg);
+      if (earlyAllocs.length > 0) {
+        errors.push({
+          code: "ALLOC_TOKEN_WRONG_SEGMENT",
+          operationIndex: i,
+          message: `Allocation token $${earlyAllocs[0]} must be in the last segment of ADD name "${op.name}"`
+        });
+      }
+    }
+    for (const tokenNum of lastSegAllocs) {
+      if (tokenNum <= 0) {
+        errors.push({
+          code: "INVALID_TOKEN_NUMBER",
+          operationIndex: i,
+          message: `Token number must be positive: $${tokenNum}`
+        });
+      }
+      if (allocations.has(tokenNum)) {
+        errors.push({
+          code: "DUPLICATE_ALLOC_TOKEN",
+          operationIndex: i,
+          message: `Token $${tokenNum} allocated more than once`
+        });
+      }
+      allocations.set(tokenNum, { opIndex: i });
+    }
+  }
+  for (let i = 0; i < operations.length; i++) {
+    const op = operations[i];
+    if (!op) continue;
+    for (const field of tokenStringFields(op)) {
+      if (!field) continue;
+      const refs = findRefTokens(field);
+      for (const tokenNum of refs) {
+        if (tokenNum <= 0) {
+          errors.push({
+            code: "INVALID_TOKEN_NUMBER",
+            operationIndex: i,
+            message: `Token number must be positive: #${tokenNum}`
+          });
+        }
+        if (!allocations.has(tokenNum)) {
+          errors.push({
+            code: "UNRESOLVED_REF_TOKEN",
+            operationIndex: i,
+            message: `Reference #${tokenNum} has no matching allocation $${tokenNum}`
+          });
+        }
+      }
+    }
+    const misusedFields = collectMisusedAllocFields(op);
+    for (const { value, context } of misusedFields) {
+      const allocs = findAllocTokens(value);
+      if (allocs.length > 0) {
+        errors.push({
+          code: "MISUSED_ALLOC_TOKEN",
+          operationIndex: i,
+          message: context ? `Use #${allocs[0]} to reference token ${allocs[0]} in ${context}, not $${allocs[0]}` : `Use #${allocs[0]} to reference token ${allocs[0]}, not $${allocs[0]}`
+        });
+      }
+    }
+  }
+}
+function inferKindFromName(name) {
+  const parts = name.split("/").filter(Boolean);
+  if (parts.length >= 3) return "assertion";
+  if (parts.length === 2) return "thing";
+  return "thing";
+}
+function illegalOpSequences(operations, errors, checkAddAdd) {
+  const opHistory = /* @__PURE__ */ new Map();
+  for (let i = 0; i < operations.length; i++) {
+    const op = operations[i];
+    if (!op) continue;
+    const name = getOpName(op);
+    if (!name) continue;
+    if (hasAnyTokens(name)) continue;
+    const kind = op.kind ?? (name ? inferKindFromName(name) : "thing");
+    const qualName = kind === "shape" ? `shape:${name}` : `thing:${name}`;
+    const history = opHistory.get(qualName) ?? [];
+    history.push({ operation: op.operation, index: i });
+    opHistory.set(qualName, history);
+  }
+  for (const [qualName, history] of opHistory) {
+    if (history.length < 2) continue;
+    for (let i = 1; i < history.length; i++) {
+      const prev = history[i - 1];
+      const curr = history[i];
+      if (!prev || !curr) continue;
+      const pair = `${prev.operation}+${curr.operation}`;
+      if (pair === "revise+add") {
+        errors.push({
+          code: "ILLEGAL_OP_SEQUENCE",
+          operationIndex: curr.index,
+          message: `Cannot revise then add "${qualName}" in the same commit`
+        });
+      }
+    }
+  }
+}
+
+// ../rules/src/reserved-orgs.ts
+var RESERVED_ORG_NAMES = [
+  "admin",
+  "api",
+  "billing",
+  "blog",
+  "docs",
+  "help",
+  "login",
+  "public",
+  "robots.txt",
+  "settings",
+  "signup",
+  "status",
+  "support",
+  "system",
+  "warmhub",
+  "www"
+];
+new Set(RESERVED_ORG_NAMES);
+
+// ../rules/src/shape-types.ts
+var BASE_PRIMITIVE_TYPES = [
+  "number",
+  "string",
+  "boolean",
+  "wref",
+  "array"
+];
+new Set(BASE_PRIMITIVE_TYPES);
+var VALID_PRIMITIVE_TYPES = /* @__PURE__ */ new Set([
+  "number",
+  "string",
+  "boolean",
+  "wref",
+  "array",
+  "number?",
+  "string?",
+  "boolean?",
+  "wref?",
+  "array?"
+]);
+function isPlainObject(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+var STRING_CONSTRAINT_KEYS = /* @__PURE__ */ new Set([
+  "minLength",
+  "maxLength",
+  "pattern",
+  "enum"
+]);
+var NUMBER_CONSTRAINT_KEYS = /* @__PURE__ */ new Set(["minimum", "maximum", "integer"]);
+var WREF_CONSTRAINT_KEYS = /* @__PURE__ */ new Set(["shape"]);
+var ARRAY_CONSTRAINT_KEYS = /* @__PURE__ */ new Set(["items", "minItems", "maxItems"]);
+var COMMON_TYPESPEC_KEYS = /* @__PURE__ */ new Set(["type", "description"]);
+var VALID_TYPESPEC_KEYS = /* @__PURE__ */ new Set([
+  ...COMMON_TYPESPEC_KEYS,
+  ...STRING_CONSTRAINT_KEYS,
+  ...NUMBER_CONSTRAINT_KEYS,
+  ...WREF_CONSTRAINT_KEYS,
+  ...ARRAY_CONSTRAINT_KEYS
+]);
+var CONSTRAINT_KEYS_BY_TYPE = {
+  string: STRING_CONSTRAINT_KEYS,
+  number: NUMBER_CONSTRAINT_KEYS,
+  wref: WREF_CONSTRAINT_KEYS,
+  array: ARRAY_CONSTRAINT_KEYS,
+  boolean: /* @__PURE__ */ new Set()
+  // no constraints
+};
+function isTypeSpecObject(value) {
+  if (!isPlainObject(value) || !("type" in value)) return false;
+  if (typeof value.type !== "string" || !VALID_PRIMITIVE_TYPES.has(value.type))
+    return false;
+  const baseType = value.type.endsWith("?") ? value.type.slice(0, -1) : value.type;
+  const allowedConstraints = CONSTRAINT_KEYS_BY_TYPE[baseType] ?? /* @__PURE__ */ new Set();
+  if (!Object.keys(value).every(
+    (k) => COMMON_TYPESPEC_KEYS.has(k) || allowedConstraints.has(k)
+  ))
+    return false;
+  if ("minLength" in value && typeof value.minLength !== "number") return false;
+  if ("maxLength" in value && typeof value.maxLength !== "number") return false;
+  if ("pattern" in value && typeof value.pattern !== "string") return false;
+  if ("pattern" in value && typeof value.pattern === "string" && VALID_PRIMITIVE_TYPES.has(value.pattern)) {
+    const baseType2 = typeof value.type === "string" && value.type.endsWith("?") ? value.type.slice(0, -1) : value.type;
+    if (baseType2 !== "string") return false;
+  }
+  if ("enum" in value && !Array.isArray(value.enum)) return false;
+  if ("minimum" in value && typeof value.minimum !== "number") return false;
+  if ("maximum" in value && typeof value.maximum !== "number") return false;
+  if ("integer" in value && typeof value.integer !== "boolean") return false;
+  if ("shape" in value && typeof value.shape !== "string") return false;
+  if ("shape" in value && typeof value.shape === "string" && VALID_PRIMITIVE_TYPES.has(value.shape)) {
+    const baseType2 = typeof value.type === "string" && value.type.endsWith("?") ? value.type.slice(0, -1) : value.type;
+    if (baseType2 !== "wref") return false;
+  }
+  if ("items" in value && typeof value.items === "number") return false;
+  if ("items" in value && typeof value.items === "boolean") return false;
+  if ("minItems" in value && typeof value.minItems !== "number") return false;
+  if ("maxItems" in value && typeof value.maxItems !== "number") return false;
+  return true;
+}
+
+// ../rules/src/shape-validation.ts
+var MAX_CONTENT_FIELD_BYTES = 64 * 1024;
+var CONTENT_FIELD_LIMIT_ERROR = `WarmHub content fields are limited to ${MAX_CONTENT_FIELD_BYTES} bytes. WarmHub is not a document store; store large documents in S3, Box, Drive, or another document system and reference them from WarmHub instead.`;
+var textEncoder = new TextEncoder();
+function utf8ByteLength(value) {
+  return textEncoder.encode(value).byteLength;
+}
+function contentFieldLimitError(path, value) {
+  if (value.length * 3 <= MAX_CONTENT_FIELD_BYTES) return null;
+  const byteLength = utf8ByteLength(value);
+  if (byteLength <= MAX_CONTENT_FIELD_BYTES) return null;
+  return `Field "${path}" is ${byteLength} bytes; ${CONTENT_FIELD_LIMIT_ERROR}`;
+}
+function assertContentFieldWithinLimit(path, value, errors) {
+  const message = contentFieldLimitError(path, value);
+  if (message) errors.push(message);
+}
+function normalizeOptionalTypeSpec(spec) {
+  if (typeof spec === "string" && spec.endsWith("?")) {
+    return { spec: spec.slice(0, -1), optionalByType: true };
+  }
+  if (isTypeSpecObject(spec) && typeof spec.type === "string" && spec.type.endsWith("?")) {
+    return {
+      spec: { ...spec, type: spec.type.slice(0, -1) },
+      optionalByType: true
+    };
+  }
+  return { spec, optionalByType: false };
+}
+function validateTypedFieldObject(path, spec, errors) {
+  const typeValue = spec.type;
+  if (typeof typeValue !== "string") {
+    errors.push(
+      `Invalid typed field object at "${path}": "type" must be a string`
+    );
+    return;
+  }
+  if (!VALID_PRIMITIVE_TYPES.has(typeValue)) {
+    errors.push(
+      `Invalid type at "${path}.type": "${typeValue}" (expected number|string|boolean|wref|array, optionally with ? suffix)`
+    );
+    return;
+  }
+  if ("description" in spec && typeof spec.description !== "string") {
+    errors.push(
+      `Invalid typed field object at "${path}": "description" must be a string`
+    );
+  }
+  const baseType = typeValue.endsWith("?") ? typeValue.slice(0, -1) : typeValue;
+  for (const key of Object.keys(spec)) {
+    if (key === "type" || key === "description") continue;
+    if (baseType === "string") {
+      if (!STRING_CONSTRAINT_KEYS.has(key)) {
+        errors.push(
+          `Constraint "${key}" at "${path}" is not valid for type "string"`
+        );
+      }
+    } else if (baseType === "number") {
+      if (!NUMBER_CONSTRAINT_KEYS.has(key)) {
+        errors.push(
+          `Constraint "${key}" at "${path}" is not valid for type "number"`
+        );
+      }
+    } else if (baseType === "wref") {
+      if (!WREF_CONSTRAINT_KEYS.has(key)) {
+        errors.push(
+          `Constraint "${key}" at "${path}" is not valid for type "wref"`
+        );
+      }
+    } else if (baseType === "array") {
+      if (!ARRAY_CONSTRAINT_KEYS.has(key)) {
+        errors.push(
+          `Constraint "${key}" at "${path}" is not valid for type "array"`
+        );
+      }
+    } else {
+      errors.push(
+        `Constraint "${key}" at "${path}" is not valid for type "${baseType}"`
+      );
+    }
+  }
+  if ("minLength" in spec && (typeof spec.minLength !== "number" || !Number.isFinite(spec.minLength) || spec.minLength < 0 || !Number.isInteger(spec.minLength))) {
+    errors.push(
+      `"minLength" at "${path}" must be a non-negative finite integer`
+    );
+  }
+  if ("maxLength" in spec && (typeof spec.maxLength !== "number" || !Number.isFinite(spec.maxLength) || spec.maxLength < 0 || !Number.isInteger(spec.maxLength))) {
+    errors.push(
+      `"maxLength" at "${path}" must be a non-negative finite integer`
+    );
+  }
+  if ("minLength" in spec && "maxLength" in spec && typeof spec.minLength === "number" && typeof spec.maxLength === "number" && spec.minLength > spec.maxLength) {
+    errors.push(`"minLength" at "${path}" cannot exceed "maxLength"`);
+  }
+  if (baseType === "string" && typeof spec.minLength === "number" && Number.isFinite(spec.minLength) && Number.isInteger(spec.minLength) && spec.minLength > MAX_CONTENT_FIELD_BYTES) {
+    errors.push(
+      `"minLength" at "${path}" cannot exceed ${MAX_CONTENT_FIELD_BYTES}`
+    );
+  }
+  if (baseType === "string" && typeof spec.maxLength === "number" && Number.isFinite(spec.maxLength) && Number.isInteger(spec.maxLength) && spec.maxLength > MAX_CONTENT_FIELD_BYTES) {
+    errors.push(
+      `"maxLength" at "${path}" cannot exceed ${MAX_CONTENT_FIELD_BYTES}`
+    );
+  }
+  if ("pattern" in spec && typeof spec.pattern !== "string") {
+    errors.push(`"pattern" at "${path}" must be a string`);
+  }
+  if ("pattern" in spec && typeof spec.pattern === "string") {
+    try {
+      new RegExp(spec.pattern);
+    } catch {
+      errors.push(`"pattern" at "${path}" is not a valid regular expression`);
+    }
+  }
+  if ("enum" in spec) {
+    if (!Array.isArray(spec.enum) || spec.enum.length === 0 || !spec.enum.every((v) => typeof v === "string")) {
+      errors.push(`"enum" at "${path}" must be a non-empty array of strings`);
+    } else if (baseType === "string") {
+      for (const value of spec.enum) {
+        const byteLength = utf8ByteLength(value);
+        if (byteLength > MAX_CONTENT_FIELD_BYTES) {
+          errors.push(
+            `"enum" value at "${path}" is ${byteLength} bytes; string enum values cannot exceed ${MAX_CONTENT_FIELD_BYTES} bytes`
+          );
+          break;
+        }
+      }
+    }
+  }
+  if ("minimum" in spec && (typeof spec.minimum !== "number" || !Number.isFinite(spec.minimum))) {
+    errors.push(`"minimum" at "${path}" must be a finite number`);
+  }
+  if ("maximum" in spec && (typeof spec.maximum !== "number" || !Number.isFinite(spec.maximum))) {
+    errors.push(`"maximum" at "${path}" must be a finite number`);
+  }
+  if ("minimum" in spec && "maximum" in spec && typeof spec.minimum === "number" && typeof spec.maximum === "number" && spec.minimum > spec.maximum) {
+    errors.push(`"minimum" at "${path}" cannot exceed "maximum"`);
+  }
+  if ("integer" in spec && typeof spec.integer !== "boolean") {
+    errors.push(`"integer" at "${path}" must be a boolean`);
+  }
+  if ("shape" in spec) {
+    if (typeof spec.shape !== "string") {
+      errors.push(`"shape" at "${path}" must be a string (shape name)`);
+    } else if (spec.shape === "") {
+      errors.push(`"shape" at "${path}" must not be empty`);
+    }
+  }
+  if ("minItems" in spec && (typeof spec.minItems !== "number" || !Number.isFinite(spec.minItems) || spec.minItems < 0 || !Number.isInteger(spec.minItems))) {
+    errors.push(`"minItems" at "${path}" must be a non-negative finite integer`);
+  }
+  if ("maxItems" in spec && (typeof spec.maxItems !== "number" || !Number.isFinite(spec.maxItems) || spec.maxItems < 0 || !Number.isInteger(spec.maxItems))) {
+    errors.push(`"maxItems" at "${path}" must be a non-negative finite integer`);
+  }
+  if ("minItems" in spec && "maxItems" in spec && typeof spec.minItems === "number" && typeof spec.maxItems === "number" && spec.minItems > spec.maxItems) {
+    errors.push(`"minItems" at "${path}" cannot exceed "maxItems"`);
+  }
+  if (baseType === "array") {
+    if (!("items" in spec)) {
+      errors.push(
+        `Typed array at "${path}" must have an "items" key specifying the element type`
+      );
+    } else {
+      validateTypeSpec(`${path}.items`, spec.items, errors);
+    }
+  }
+}
+function validateTypeSpec(path, spec, errors) {
+  if (typeof spec === "string") {
+    if (!VALID_PRIMITIVE_TYPES.has(spec)) {
+      errors.push(
+        `Invalid type at "${path}": "${spec}" (expected number|string|boolean|wref|array, optionally with ? suffix)`
+      );
+    }
+    return;
+  }
+  if (Array.isArray(spec)) {
+    if (spec.length !== 1) {
+      errors.push(
+        `Invalid array type at "${path}": array type spec must have exactly 1 element`
+      );
+      return;
+    }
+    validateTypeSpec(`${path}[]`, spec[0], errors);
+    return;
+  }
+  if (isPlainObject(spec)) {
+    if (isTypeSpecObject(spec)) {
+      validateTypedFieldObject(path, spec, errors);
+      return;
+    }
+    if ("type" in spec && typeof spec.type === "string" && VALID_PRIMITIVE_TYPES.has(spec.type) && Object.keys(spec).every((k) => VALID_TYPESPEC_KEYS.has(k))) {
+      const baseType = spec.type.endsWith("?") ? spec.type.slice(0, -1) : spec.type;
+      const EMPTY_SET = /* @__PURE__ */ new Set();
+      const allowedForType = baseType === "string" ? STRING_CONSTRAINT_KEYS : baseType === "number" ? NUMBER_CONSTRAINT_KEYS : baseType === "wref" ? WREF_CONSTRAINT_KEYS : baseType === "array" ? ARRAY_CONSTRAINT_KEYS : EMPTY_SET;
+      const crossTypeKeys = Object.keys(spec).filter(
+        (k) => k !== "type" && k !== "description" && !allowedForType.has(k)
+      );
+      if (crossTypeKeys.length > 0) {
+        const hasNonTypeSpecValues = crossTypeKeys.some((k) => {
+          const v = spec[k];
+          return typeof v !== "string" && !Array.isArray(v) && !isPlainObject(v);
+        });
+        if (hasNonTypeSpecValues) {
+          for (const key of crossTypeKeys) {
+            errors.push(
+              `Constraint "${key}" at "${path}" is not valid for type "${baseType}"`
+            );
+          }
+          return;
+        }
+      }
+      if (crossTypeKeys.length === 0) {
+        const constraintErrors = [];
+        for (const [k, v] of Object.entries(spec)) {
+          if (k === "type" || k === "description") continue;
+          if (!allowedForType.has(k)) continue;
+          if ((k === "minLength" || k === "maxLength" || k === "minimum" || k === "maximum" || k === "minItems" || k === "maxItems") && typeof v !== "number") {
+            constraintErrors.push(
+              `Constraint "${k}" at "${path}" must be a number, got ${typeof v}`
+            );
+          } else if (k === "integer" && typeof v !== "boolean") {
+            constraintErrors.push(
+              `Constraint "${k}" at "${path}" must be a boolean, got ${typeof v}`
+            );
+          } else if (k === "pattern" && typeof v !== "string") {
+            constraintErrors.push(
+              `Constraint "${k}" at "${path}" must be a string, got ${typeof v}`
+            );
+          } else if (k === "enum" && !Array.isArray(v)) {
+            constraintErrors.push(
+              `Constraint "${k}" at "${path}" must be an array, got ${typeof v}`
+            );
+          } else if (k === "shape" && typeof v !== "string") {
+            constraintErrors.push(
+              `Constraint "${k}" at "${path}" must be a string, got ${typeof v}`
+            );
+          }
+        }
+        if (constraintErrors.length > 0) {
+          errors.push(...constraintErrors);
+          return;
+        }
+      }
+      const hasWrongValueTypes = Object.entries(spec).some(([k, v]) => {
+        if (k === "type" || k === "description") return false;
+        if (typeof v === "string" || Array.isArray(v) || isPlainObject(v))
+          return false;
+        return true;
+      });
+      if (hasWrongValueTypes) {
+        errors.push(
+          `Object at "${path}" looks like a typed field object (type: "${spec.type}") but has constraint values with invalid types. Check that constraint values match their expected types (e.g., minLength must be a number, not a string).`
+        );
+        return;
+      }
+    }
+    for (const [key, value] of Object.entries(spec)) {
+      validateTypeSpec(`${path}.${key}`, value, errors);
+    }
+    return;
+  }
+  errors.push(
+    `Invalid type at "${path}": expected string, array, or object, got ${typeof spec}`
+  );
+}
+var ALLOWED_SHAPE_KEYS = /* @__PURE__ */ new Set(["fields", "description"]);
+function validateShapeDefinition(data) {
+  if (typeof data !== "object" || data === null || Array.isArray(data)) {
+    return { valid: false, errors: ["Shape definition must be a plain object"] };
+  }
+  const obj = data;
+  const errors = [];
+  for (const key of Object.keys(obj)) {
+    if (!ALLOWED_SHAPE_KEYS.has(key)) {
+      errors.push(`Unsupported shape definition key "${key}"`);
+    }
+  }
+  if (!("fields" in obj)) {
+    return {
+      valid: false,
+      errors: ['Shape definition must have a "fields" property']
+    };
+  }
+  const fields = obj.fields;
+  if (typeof fields !== "object" || fields === null || Array.isArray(fields)) {
+    return {
+      valid: false,
+      errors: ['"fields" must be a plain object mapping field names to types']
+    };
+  }
+  for (const [key, value] of Object.entries(
+    fields
+  )) {
+    validateTypeSpec(`fields.${key}`, value, errors);
+  }
+  if ("description" in obj && typeof obj.description !== "string") {
+    errors.push('"description" must be a string');
+  }
+  validatePersistedStringFieldLimits(obj, void 0, errors);
+  if (errors.length > 0) {
+    return { valid: false, errors };
+  }
+  return { valid: true };
+}
+function validateAgainstShape(data, shapeFields) {
+  const errors = [];
+  if (typeof data !== "object" || data === null || Array.isArray(data)) {
+    return { valid: false, errors: ["Data must be a plain object"] };
+  }
+  for (const [fieldSpec, rawTypeDef] of Object.entries(shapeFields)) {
+    const isOptionalByKey = fieldSpec.endsWith("?");
+    const fieldName = isOptionalByKey ? fieldSpec.slice(0, -1) : fieldSpec;
+    const normalized = normalizeOptionalTypeSpec(rawTypeDef);
+    const isOptional = isOptionalByKey || normalized.optionalByType;
+    const value = data[fieldName];
+    if (value === void 0 || value === null) {
+      if (!isOptional) {
+        errors.push(`Missing required field: "${fieldName}"`);
+      }
+      continue;
+    }
+    validateField(fieldName, value, normalized.spec, errors);
+  }
+  validatePersistedStringFieldLimits(data, shapeFields, errors);
+  const warnings = buildUndeclaredFieldsWarning(data, shapeFields);
+  if (errors.length > 0) {
+    return warnings ? { valid: false, errors, warnings } : { valid: false, errors };
+  }
+  return warnings ? { valid: true, warnings } : { valid: true };
+}
+function buildUndeclaredFieldsWarning(data, shapeFields) {
+  return buildUndeclaredFieldsWarningFromDeclaredSet(
+    data,
+    declaredFieldNames(shapeFields)
+  );
+}
+function declaredFieldNames(shapeFields) {
+  const declared = /* @__PURE__ */ new Set();
+  for (const key of Object.keys(shapeFields)) {
+    declared.add(key.endsWith("?") ? key.slice(0, -1) : key);
+  }
+  return declared;
+}
+function buildUndeclaredFieldsWarningFromDeclaredSet(data, declared) {
+  const undeclaredFields = [];
+  let totalUndeclared = 0;
+  for (const key of Object.keys(data)) {
+    if (declared.has(key)) continue;
+    totalUndeclared++;
+    if (undeclaredFields.length < MAX_UNDECLARED_FIELDS_REPORTED) {
+      undeclaredFields.push(key);
+    }
+  }
+  if (totalUndeclared === 0) return void 0;
+  if (totalUndeclared > MAX_UNDECLARED_FIELDS_REPORTED) {
+    return {
+      undeclaredFields,
+      undeclaredFieldsTruncated: true,
+      totalUndeclared
+    };
+  }
+  return { undeclaredFields };
+}
+var MAX_UNDECLARED_FIELDS_REPORTED = 500;
+function validatePersistedStringFieldLimits(value, typeDef, errors, path) {
+  const normalized = normalizeOptionalTypeSpec(typeDef).spec;
+  if (typeof value === "string") {
+    if (isDeclaredStringType(normalized) || isDeclaredWrefType(normalized))
+      return;
+    if (normalized !== void 0) return;
+    assertContentFieldWithinLimit(path ?? "<value>", value, errors);
+    return;
+  }
+  if (Array.isArray(value)) {
+    const elementType = arrayElementType(normalized);
+    if (normalized !== void 0 && elementType === void 0) return;
+    for (let i = 0; i < value.length; i++) {
+      validatePersistedStringFieldLimits(
+        value[i],
+        elementType,
+        errors,
+        `${path ?? "<value>"}[${i}]`
+      );
+    }
+    return;
+  }
+  if (!isPlainObject(value)) return;
+  const fields = nestedObjectFields(normalized);
+  if (normalized !== void 0 && fields === void 0) return;
+  for (const [key, nestedValue] of Object.entries(value)) {
+    validatePersistedStringFieldLimits(
+      nestedValue,
+      fields?.get(key),
+      errors,
+      path ? `${path}.${key}` : key
+    );
+  }
+}
+function isDeclaredStringType(typeDef) {
+  if (typeDef === "string") return true;
+  return isTypeSpecObject(typeDef) && typeDef.type === "string";
+}
+function isDeclaredWrefType(typeDef) {
+  if (typeDef === "wref") return true;
+  return isTypeSpecObject(typeDef) && typeDef.type === "wref";
+}
+function arrayElementType(typeDef) {
+  if (Array.isArray(typeDef)) return typeDef[0];
+  if (isTypeSpecObject(typeDef) && typeDef.type === "array")
+    return typeDef.items;
+  return void 0;
+}
+function nestedObjectFields(typeDef) {
+  if (!isPlainObject(typeDef) || isTypeSpecObject(typeDef)) return void 0;
+  const fields = /* @__PURE__ */ new Map();
+  for (const [key, value] of Object.entries(typeDef)) {
+    fields.set(key.endsWith("?") ? key.slice(0, -1) : key, value);
+  }
+  return fields;
+}
+function validatePrimitiveField(path, value, typeDef, errors) {
+  switch (typeDef) {
+    case "number":
+      if (typeof value !== "number") {
+        errors.push(`Field "${path}" expected number, got ${typeof value}`);
+      }
+      break;
+    case "string":
+      if (typeof value !== "string") {
+        errors.push(`Field "${path}" expected string, got ${typeof value}`);
+      } else {
+        assertContentFieldWithinLimit(path, value, errors);
+      }
+      break;
+    case "wref":
+      if (typeof value !== "string") {
+        errors.push(`Field "${path}" expected string, got ${typeof value}`);
+      }
+      break;
+    case "boolean":
+      if (typeof value !== "boolean") {
+        errors.push(`Field "${path}" expected boolean, got ${typeof value}`);
+      }
+      break;
+    case "array":
+      if (!Array.isArray(value)) {
+        errors.push(`Field "${path}" expected array, got ${typeof value}`);
+      }
+      break;
+  }
+}
+function validateNestedObjectField(path, value, typeDef, errors) {
+  if (typeof value !== "object" || value === null || Array.isArray(value)) {
+    errors.push(`Field "${path}" expected object, got ${typeof value}`);
+    return;
+  }
+  const objValue = value;
+  for (const [subKey, rawSubType] of Object.entries(typeDef)) {
+    const isOptionalByKey = subKey.endsWith("?");
+    const fieldName = isOptionalByKey ? subKey.slice(0, -1) : subKey;
+    const normalized = normalizeOptionalTypeSpec(rawSubType);
+    const isOptional = isOptionalByKey || normalized.optionalByType;
+    const subValue = objValue[fieldName];
+    if (subValue === void 0 || subValue === null) {
+      if (!isOptional) {
+        errors.push(`Missing required field: "${path}.${fieldName}"`);
+      }
+      continue;
+    }
+    validateField(`${path}.${fieldName}`, subValue, normalized.spec, errors);
+  }
+}
+function validateField(path, value, typeDef, errors) {
+  if (typeof typeDef === "string") {
+    validatePrimitiveField(path, value, typeDef, errors);
+    return;
+  }
+  if (Array.isArray(typeDef)) {
+    if (!Array.isArray(value)) {
+      errors.push(`Field "${path}" expected array, got ${typeof value}`);
+    } else if (typeDef.length > 0) {
+      const rawElementType = typeDef[0];
+      const { spec: elementType } = normalizeOptionalTypeSpec(rawElementType);
+      for (let i = 0; i < value.length; i++) {
+        validateField(`${path}[${i}]`, value[i], elementType, errors);
+      }
+    }
+    return;
+  }
+  if (isTypeSpecObject(typeDef)) {
+    if (typeof typeDef.type === "string") {
+      const baseType = typeDef.type.endsWith("?") ? typeDef.type.slice(0, -1) : typeDef.type;
+      if (baseType === "array") {
+        validateTypedArrayField(path, value, typeDef, errors);
+      } else {
+        validatePrimitiveField(path, value, typeDef.type, errors);
+        validateConstraints(path, value, typeDef, errors);
+      }
+    } else {
+      errors.push(
+        `Field "${path}" has malformed type spec: "type" must be a string`
+      );
+    }
+    return;
+  }
+  if (isPlainObject(typeDef)) {
+    validateNestedObjectField(path, value, typeDef, errors);
+  }
+}
+function validateTypedArrayField(path, value, spec, errors) {
+  if (!Array.isArray(value)) {
+    errors.push(`Field "${path}" expected array, got ${typeof value}`);
+    return;
+  }
+  if (typeof spec.minItems === "number" && value.length < spec.minItems) {
+    errors.push(
+      `Field "${path}" has ${value.length} items, minimum is ${spec.minItems}`
+    );
+  }
+  if (typeof spec.maxItems === "number" && value.length > spec.maxItems) {
+    errors.push(
+      `Field "${path}" has ${value.length} items, maximum is ${spec.maxItems}`
+    );
+  }
+  if ("items" in spec && spec.items != null) {
+    const { spec: elementType } = normalizeOptionalTypeSpec(spec.items);
+    if (typeof elementType === "string" || Array.isArray(elementType) || isPlainObject(elementType)) {
+      for (let i = 0; i < value.length; i++) {
+        validateField(`${path}[${i}]`, value[i], elementType, errors);
+      }
+    }
+  }
+}
+function validateConstraints(path, value, spec, errors) {
+  if (typeof value === "string") {
+    if (typeof spec.minLength === "number" && value.length < spec.minLength) {
+      errors.push(
+        `Field "${path}" length ${value.length} is below minimum ${spec.minLength}`
+      );
+    }
+    if (typeof spec.maxLength === "number" && value.length > spec.maxLength) {
+      errors.push(
+        `Field "${path}" length ${value.length} exceeds maximum ${spec.maxLength}`
+      );
+    }
+    if (typeof spec.pattern === "string") {
+      try {
+        if (!new RegExp(spec.pattern).test(value)) {
+          errors.push(
+            `Field "${path}" does not match pattern "${spec.pattern}"`
+          );
+        }
+      } catch {
+        errors.push(
+          `Field "${path}" has invalid pattern "${spec.pattern}" \u2014 skipping regex check`
+        );
+      }
+    }
+    if (Array.isArray(spec.enum) && !spec.enum.includes(value)) {
+      errors.push(
+        `Field "${path}" value "${value}" is not in allowed values: ${spec.enum.join(", ")}`
+      );
+    }
+  }
+  if (typeof value === "number") {
+    if (typeof spec.minimum === "number" && value < spec.minimum) {
+      errors.push(
+        `Field "${path}" value ${value} is below minimum ${spec.minimum}`
+      );
+    }
+    if (typeof spec.maximum === "number" && value > spec.maximum) {
+      errors.push(
+        `Field "${path}" value ${value} exceeds maximum ${spec.maximum}`
+      );
+    }
+    if (spec.integer === true && !Number.isInteger(value)) {
+      errors.push(`Field "${path}" must be an integer, got ${value}`);
+    }
+  }
+}
+
+// ../rules/src/system-components/identity.ts
+var IDENTITY_COMPONENT_ID = "com.warmhub.identity";
+var IDENTITY_FIELDS = {
+  // Required. Conventionally equal to the thing's name (the wref tail) —
+  // Identity things are addressed as Identity/<external_id>. Kept as a
+  // field for explicit schema visibility and to leave room for callers
+  // that read the body without resolving the wref. v1 enforces this only
+  // by convention; a commit-time validator can be added when a consumer
+  // needs hard guarantees.
+  external_id: "string",
+  display_name: "string"
+  // Deferred fields, added as additive shape revisions when their consumer
+  // ticket lands: email, avatar_url, profile, kind. Each consumer (#2548,
+  // #2549, #2550) is the trigger for adding the corresponding optional field.
+};
+var IDENTITY_MANIFEST = {
+  component: {
+    id: IDENTITY_COMPONENT_ID,
+    name: "identity",
+    version: "1.0.0"
+  },
+  shapes: [{ name: "Identity", fields: IDENTITY_FIELDS }],
+  credentials: [],
+  subscriptions: [],
+  seeds: [],
+  health: { requires: { shapes: ["Identity"] } },
+  teardown: {},
+  runtimeAccess: { reads: [], writes: [] }
+};
+var IDENTITY_COMPONENT = {
+  componentId: IDENTITY_COMPONENT_ID,
+  name: IDENTITY_MANIFEST.component.name,
+  version: IDENTITY_MANIFEST.component.version,
+  manifest: IDENTITY_MANIFEST,
+  shapes: [{ name: "Identity", fields: IDENTITY_FIELDS }]
+};
+
+// ../rules/src/system-components/system.ts
+var SYSTEM_COMPONENT_ID = "com.warmhub.system";
+var COMPONENT_INSTALL_FIELDS = {
+  componentId: "string",
+  name: "string",
+  version: "string",
+  source: "string",
+  "sourceKind?": "string",
+  "sourceRef?": "string",
+  "resolvedSha?": "string",
+  "registeredComponentRef?": "string",
+  manifestHash: "string",
+  state: "string",
+  manifest: "string",
+  installedAt: "string",
+  installedByUserId: "string?",
+  "installId?": "string",
+  "updatedAt?": "string"
+};
+var COMPONENT_CONFIG_FIELDS = {};
+var SYSTEM_MANIFEST = {
+  component: {
+    id: SYSTEM_COMPONENT_ID,
+    name: "system",
+    version: "1.0.0"
+  },
+  shapes: [
+    { name: "ComponentInstall", fields: COMPONENT_INSTALL_FIELDS },
+    { name: "ComponentConfig", fields: COMPONENT_CONFIG_FIELDS }
+  ],
+  credentials: [],
+  subscriptions: [],
+  seeds: [],
+  health: {
+    requires: { shapes: ["ComponentInstall", "ComponentConfig"] }
+  },
+  teardown: {},
+  runtimeAccess: { reads: [], writes: [] }
+};
+var SYSTEM_COMPONENT = {
+  componentId: SYSTEM_COMPONENT_ID,
+  name: SYSTEM_MANIFEST.component.name,
+  version: SYSTEM_MANIFEST.component.version,
+  manifest: SYSTEM_MANIFEST,
+  installInfra: true,
+  shapes: [
+    { name: "ComponentInstall", fields: COMPONENT_INSTALL_FIELDS },
+    { name: "ComponentConfig", fields: COMPONENT_CONFIG_FIELDS }
+  ]
+};
+
+// ../rules/src/system-components/index.ts
+var SYSTEM_COMPONENTS = [
+  SYSTEM_COMPONENT,
+  IDENTITY_COMPONENT
+];
+new Set(
+  SYSTEM_COMPONENTS.filter((entry) => entry.installInfra === true).flatMap(
+    (entry) => entry.shapes.map((s) => s.name)
+  )
+);
+
+// src/operation-normalize.ts
+function toBackendStreamOperation(operation) {
+  if (operation.operation === "retract") {
+    return {
+      operation: "retract",
+      name: operation.name,
+      ...operation.kind ? { kind: operation.kind } : {},
+      ...operation.reason ? { reason: operation.reason } : {}
+    };
+  }
+  if (operation.operation === "revise") {
+    const name = operation.name ?? operation.wref;
+    if (!name) {
+      throw new Error("revise operation requires a target");
+    }
+    const kind2 = operation.kind ?? inferKind(name, operation);
+    if (Object.hasOwn(operation, "active")) {
+      throw new Error(
+        `${kind2} revise operation no longer supports 'active' \u2014 use retract('${name}') instead`
+      );
+    }
+    if (operation.data === void 0) {
+      throw new Error(`${kind2} revise operation requires 'data'`);
+    }
+    if (kind2 === "collection") {
+      throw new Error(
+        `collection revise is no longer supported \u2014 use retract('${name}') instead`
+      );
+    }
+    if (kind2 === "assertion") {
+      return {
+        operation: "revise",
+        kind: "assertion",
+        name,
+        data: operation.data
+      };
+    }
+    return {
+      operation: "revise",
+      kind: kind2,
+      name,
+      data: operation.data
+    };
+  }
+  const kind = operation.kind ?? inferKind(operation.name, operation);
+  const skipExisting = "skipExisting" in operation ? operation.skipExisting : void 0;
+  if (kind === "collection") {
+    if (!("members" in operation) || !operation.members) {
+      throw new Error("collection add operation requires 'members'");
+    }
+    return {
+      operation: "add",
+      kind: "collection",
+      name: operation.name,
+      type: "type" in operation && operation.type || "set",
+      members: operation.members,
+      ...skipExisting === true ? { skipExisting } : {}
+    };
+  }
+  if (!operation.name) {
+    throw new Error("add operation requires a name");
+  }
+  if (kind === "assertion") {
+    if (!("about" in operation) || operation.about === void 0) {
+      throw new Error("assertion add operation requires 'about'");
+    }
+    if (operation.data === void 0) {
+      throw new Error("assertion add operation requires 'data'");
+    }
+    return {
+      operation: "add",
+      kind: "assertion",
+      name: operation.name,
+      about: operation.about,
+      data: operation.data,
+      ...skipExisting === true ? { skipExisting } : {}
+    };
+  }
+  if (operation.data === void 0) {
+    throw new Error(`${kind} add operation requires 'data'`);
+  }
+  return {
+    operation: "add",
+    kind,
+    name: operation.name,
+    data: operation.data,
+    ...skipExisting === true ? { skipExisting } : {}
+  };
+}
+function inferKind(name, operation) {
+  if (operation.kind) {
+    return operation.kind;
+  }
+  if ("about" in operation && operation.about !== void 0) {
+    return "assertion";
+  }
+  if ("type" in operation && operation.type !== void 0 || "members" in operation && operation.members !== void 0) {
+    return "collection";
+  }
+  if (!name) {
+    return "shape";
+  }
+  return name.includes("/") ? "thing" : "shape";
+}
+
+// src/stream-submit.ts
+var DEFAULT_STREAM_CHUNK_SIZE = DEFAULT_STREAM_APPEND_CHUNK_SIZE;
+var MAX_STREAM_APPEND_OPERATION_COUNT2 = MAX_STREAM_APPEND_OPERATION_COUNT;
+var DEFAULT_RETRY_POLICY = {
+  maxAttempts: 3,
+  baseDelayMs: 250,
+  maxDelayMs: 8e3
+};
+var MAX_ATTEMPTS_HARD_CAP = 10;
+var MAX_DELAY_HARD_CAP_MS = 6e4;
+function resolveRetryPolicy(retry) {
+  if (retry === false) return false;
+  const overrides = {};
+  if (retry !== void 0) {
+    if (Number.isFinite(retry.maxAttempts))
+      overrides.maxAttempts = retry.maxAttempts;
+    if (Number.isFinite(retry.baseDelayMs))
+      overrides.baseDelayMs = retry.baseDelayMs;
+    if (Number.isFinite(retry.maxDelayMs))
+      overrides.maxDelayMs = retry.maxDelayMs;
+  }
+  const merged = { ...DEFAULT_RETRY_POLICY, ...overrides };
+  return {
+    maxAttempts: Math.min(
+      MAX_ATTEMPTS_HARD_CAP,
+      Math.max(1, Math.trunc(merged.maxAttempts))
+    ),
+    baseDelayMs: Math.min(
+      MAX_DELAY_HARD_CAP_MS,
+      Math.max(0, Math.trunc(merged.baseDelayMs))
+    ),
+    maxDelayMs: Math.min(
+      MAX_DELAY_HARD_CAP_MS,
+      Math.max(0, Math.trunc(merged.maxDelayMs))
+    )
+  };
+}
+var StreamValidationError = class extends Error {
+  code = "VALIDATION_ERROR";
+  status = 400;
+  constructor(message) {
+    super(message);
+    this.name = "WarmHubError";
+  }
+};
+var PartialStreamSubmissionError = class extends Error {
+  /**
+   * Stable error code. Always `'PARTIAL_STREAM_SUBMISSION'`.
+   */
+  code = "PARTIAL_STREAM_SUBMISSION";
+  /**
+   * Operations the SDK confirmed completed before the ambiguous or failing
+   * append. The remaining operations may or may not have landed; inspect
+   * repository state before retrying manually.
+   */
+  completedOperations;
+  /**
+   * Underlying error that triggered the partial submission, preserved for
+   * diagnostics. Inspect via `isWarmHubError(err.cause)` / `err.cause.kind`.
+   */
+  cause;
+  constructor(input) {
+    super(
+      "Stream submission failed. A timed-out append may already have landed, so inspect repository state before sending any further operations."
+    );
+    this.name = "WarmHubError";
+    this.cause = input.cause;
+    this.completedOperations = input.completedOperations;
+  }
+};
+async function submitOperationsViaStream(client, args) {
+  if (args.operations.length === 0) {
+    throw new StreamValidationError(
+      "At least one operation is required for stream submission."
+    );
+  }
+  const operations = args.operations.map((operation, index) => {
+    let streamOperation;
+    try {
+      streamOperation = toBackendStreamOperation(operation);
+    } catch (cause) {
+      const message = cause instanceof Error ? cause.message : String(cause);
+      throw new StreamValidationError(
+        `Invalid operation at index ${index}: ${message}`
+      );
+    }
+    if (args.skipExisting === true && streamOperation.operation === "add") {
+      return { ...streamOperation, skipExisting: true };
+    }
+    return streamOperation;
+  });
+  const chunkSize = normalizeChunkSize(args.chunkSize);
+  let streamId = args.streamId ?? createStreamId();
+  const isManualResume = args.streamId !== void 0 || (args.allocatedTokens?.length ?? 0) > 0;
+  const policy = isManualResume ? false : resolveRetryPolicy(args.retry);
+  let allocatedTokens = args.allocatedTokens ?? [];
+  const chunkResults = [];
+  for (const chunk of chunkOperations(operations, chunkSize)) {
+    let attempt = 1;
+    let priorAttemptAmbiguous = false;
+    const chunkIsAtomic = chunk.length === 1;
+    const chunkUsesTokens = chunk.some(opUsesTokens);
+    while (true) {
+      try {
+        const appendResult = await client.stream.append({
+          allocatedTokens,
+          orgName: args.orgName,
+          repoName: args.repoName,
+          streamId,
+          componentId: args.componentId,
+          committer: args.committer,
+          operations: chunk
+        });
+        allocatedTokens = appendResult.allocatedTokens;
+        chunkResults.push(...appendResult.results);
+        break;
+      } catch (cause) {
+        if (chunkResults.length === 0 && !priorAttemptAmbiguous && isDefiniteClientError(cause)) {
+          throw cause;
+        }
+        if (chunkResults.length === 0 && chunkIsAtomic && !chunkUsesTokens && policy !== false && attempt < policy.maxAttempts && isTransientStreamFailure(cause)) {
+          await sleep(computeBackoffDelayMs(attempt, policy));
+          attempt += 1;
+          priorAttemptAmbiguous = true;
+          streamId = createStreamId();
+          allocatedTokens = [];
+          continue;
+        }
+        const completedOperations = toSubmittedStreamResult(
+          {
+            operationCount: chunkResults.length
+          },
+          args.committer,
+          args.message,
+          chunkResults
+        ).operations;
+        throw new PartialStreamSubmissionError({
+          cause,
+          completedOperations
+        });
+      }
+    }
+  }
+  return toSubmittedStreamResult(
+    {
+      operationCount: chunkResults.length
+    },
+    args.committer,
+    args.message,
+    chunkResults
+  );
+}
+var DEFINITE_CLIENT_REJECT_CODES = /* @__PURE__ */ new Set([
+  "UNAUTHENTICATED",
+  "FORBIDDEN",
+  "VALIDATION_ERROR",
+  "SHAPE_MISMATCH",
+  "NOT_FOUND",
+  "KIND_MISMATCH",
+  "CONFLICT",
+  "ALREADY_RETRACTED",
+  "ARCHIVED",
+  // Pre-apply rejections from stream/service.ts: applyRateLimit() and the
+  // unresolved-token check both throw before any operation lands, so the
+  // first-chunk wrapper would discard structured retry/validation detail
+  // (retryAfter, the failing token, etc.).
+  "RATE_LIMITED",
+  "UNRESOLVED_TOKEN"
+]);
+function extractErrorCode(cause) {
+  if (!cause || typeof cause !== "object") return void 0;
+  const direct = cause.code;
+  if (typeof direct === "string") return direct;
+  const data = cause.data;
+  const wh = data?.warmhub?.code;
+  if (typeof wh === "string") return wh;
+  const dc = data?.code;
+  if (typeof dc === "string") return dc;
+  return void 0;
+}
+function isDefiniteClientError(cause) {
+  const code = extractErrorCode(cause);
+  return code !== void 0 && DEFINITE_CLIENT_REJECT_CODES.has(code);
+}
+function isTransientStreamFailure(cause) {
+  if (isDefiniteClientError(cause)) return false;
+  if (cause instanceof TypeError) return false;
+  if (cause instanceof SyntaxError) return false;
+  const inner = cause?.cause;
+  if (inner instanceof TypeError) return false;
+  if (inner instanceof SyntaxError) return false;
+  return true;
+}
+function computeBackoffDelayMs(attempt, policy) {
+  const exponential = policy.baseDelayMs * 2 ** Math.max(0, attempt - 1);
+  const jitter = Math.random() * policy.baseDelayMs;
+  return Math.min(policy.maxDelayMs, exponential + jitter);
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+var TOKEN_REF_REGEX = /[$#]\d+/;
+function stringHasTokenRef(value) {
+  return typeof value === "string" && TOKEN_REF_REGEX.test(value);
+}
+function membersHaveTokenRef(members) {
+  if (!Array.isArray(members)) return false;
+  return members.some(stringHasTokenRef);
+}
+function opUsesTokens(op) {
+  return stringHasTokenRef(op.name) || stringHasTokenRef(op.wref) || stringHasTokenRef(op.about) || stringHasTokenRef(op.aboutWref) || membersHaveTokenRef(op.members);
+}
+function createStreamId() {
+  return globalThis.crypto?.randomUUID?.() ?? `stream-${Date.now()}-${Math.random()}`;
+}
+function normalizeChunkSize(chunkSize) {
+  if (!Number.isFinite(chunkSize)) return DEFAULT_STREAM_CHUNK_SIZE;
+  return Math.max(
+    1,
+    Math.min(
+      MAX_STREAM_APPEND_OPERATION_COUNT2,
+      Math.trunc(chunkSize)
+    )
+  );
+}
+function chunkOperations(operations, chunkSize) {
+  const chunks = [];
+  for (let start = 0; start < operations.length; start += chunkSize) {
+    chunks.push(operations.slice(start, start + chunkSize));
+  }
+  return chunks;
+}
+function toSubmittedStreamResult(writeResult, committer, message, results) {
+  return {
+    committer,
+    message,
+    operationCount: writeResult.operationCount,
+    operations: results.map((result) => ({
+      name: result.name ?? "",
+      operation: result.operation === "revise" || result.operation === "retract" || result.operation === "noop" ? result.operation : "add",
+      dataHash: result.dataHash ?? "",
+      version: result.version ?? 0,
+      status: result.status,
+      error: result.error,
+      ...result.warnings ? { warnings: result.warnings } : {}
+    }))
+  };
+}
+
+// src/operation-builder.ts
+var OperationBuilder = class {
+  ops = [];
+  pendingNames = /* @__PURE__ */ new Set();
+  shapes;
+  wrefToShape = /* @__PURE__ */ new Map();
+  submitted = false;
+  inFlight = false;
+  /**
+   * Create an empty operation builder.
+   *
+   * Pass known shape definitions when you want local data validation before submitting operations.
+   */
+  constructor(options) {
+    this.shapes = options?.shapes;
+  }
+  /**
+   * Add a shape, thing, assertion, or collection operation.
+   *
+   * For things and assertions, names use `Shape/localName`. Supplying `about` makes the operation an assertion. Supplying collection `type` and `members` makes it a collection. Otherwise the builder infers kind from the name.
+   *
+   * Set `kind: 'thing'` explicitly for hierarchical thing names that would otherwise look like assertion paths.
+   */
+  add(op) {
+    this.assertNotSubmitted();
+    const normalized = { ...op };
+    delete normalized.operation;
+    const shapeWref = inferShapeForAdd(normalized);
+    if (this.shapes && shapeWref && normalized.data !== void 0) {
+      const fields = this.shapes[shapeWref];
+      if (fields) {
+        const result = validateAgainstShape(
+          normalized.data,
+          fields
+        );
+        if (!result.valid) {
+          throw new Error(
+            `Shape validation failed for '${normalized.name}' (shape: ${shapeWref}): ${result.errors.join("; ")}`
+          );
+        }
+      }
+    }
+    const addAsOp = { operation: "add", ...normalized };
+    const addKind = normalizeAddKind(addAsOp);
+    if (addAsOp.name) {
+      preflightCheckAdd(addAsOp, addKind);
+    }
+    const frozen = Object.freeze({
+      operation: "add",
+      ...normalized
+    });
+    this.ops.push(frozen);
+    if (normalized.name) {
+      this.pendingNames.add(normalized.name);
+      if (shapeWref) {
+        this.wrefToShape.set(normalized.name, shapeWref);
+      }
+    }
+    return this;
+  }
+  /**
+   * Add a revise operation.
+   *
+   * The target can be supplied as `name` or `wref`. When shape definitions were provided to the constructor, revise data is validated locally before the operation is queued.
+   */
+  revise(op) {
+    this.assertNotSubmitted();
+    const normalized = { ...op };
+    delete normalized.operation;
+    const target = normalized.name ?? normalized.wref;
+    if (this.shapes && target && normalized.data !== void 0) {
+      const shapeWref = this.wrefToShape.get(target) ?? inferShapeFromLocalPath(target);
+      if (shapeWref) {
+        const fields = this.shapes[shapeWref];
+        if (fields) {
+          const result = validateAgainstShape(
+            normalized.data,
+            fields
+          );
+          if (!result.valid) {
+            throw new Error(
+              `Shape validation failed for revise '${target}' (shape: ${shapeWref}): ${result.errors.join("; ")}`
+            );
+          }
+        }
+      }
+    }
+    if (target) {
+      const reviseKind = normalizeReviseKind(
+        { ...normalized },
+        target
+      );
+      preflightCheckRevise(reviseKind, target, normalized.data);
+    }
+    const frozen = Object.freeze({
+      operation: "revise",
+      ...normalized
+    });
+    this.ops.push(frozen);
+    return this;
+  }
+  /**
+   * Add a retract operation.
+   *
+   * Pass a wref string shorthand or an object with a target name, optional kind safety hint, and optional reason.
+   */
+  retract(target) {
+    this.assertNotSubmitted();
+    const op = typeof target === "string" ? Object.freeze({ operation: "retract", name: target }) : Object.freeze({
+      operation: "retract",
+      name: target.name,
+      ...target.kind ? { kind: target.kind } : {},
+      ...target.reason ? { reason: target.reason } : {}
+    });
+    this.ops.push(op);
+    return this;
+  }
+  /**
+   * Return the queued operations.
+   *
+   * The returned array is read-only; use `add`, `revise`, and `retract` to modify the builder.
+   */
+  get operations() {
+    return this.ops;
+  }
+  /**
+   * Return the number of queued operations.
+   */
+  get size() {
+    return this.ops.length;
+  }
+  /**
+   * Return whether this builder has queued an add operation for a name.
+   */
+  has(name) {
+    return this.pendingNames.has(name);
+  }
+  /**
+   * Run client-side validation without contacting the server.
+   *
+   * Validation checks for empty commits, duplicate adds, missing revise targets, revise-after-retract patterns, local shape-data errors when shapes were provided, and the same preflight diagnostics used before commit submission.
+   *
+   * Returns a {@link ValidationResult} object (`{ valid, errors, warnings }`) —
+   * not a boolean. Read `result.valid` to gate submission, and iterate
+   * `result.errors` for blocking diagnostics or `result.warnings` for
+   * informational ones.
+   *
+   * @example
+   * ```ts
+   * const cb = new OperationBuilder();
+   * cb.add({ name: "Location/cave", data: { x: 0, y: 0 } });
+   * const result = cb.validate();
+   * if (!result.valid) {
+   *   for (const err of result.errors) {
+   *     console.error(`op ${err.operationIndex}: ${err.code} — ${err.message}`);
+   *   }
+   *   throw new Error("validation failed");
+   * }
+   * for (const warn of result.warnings) console.warn(warn.message);
+   * ```
+   */
+  validate() {
+    const errors = [];
+    const warnings = [];
+    const seenAdds = /* @__PURE__ */ new Set();
+    const seenRetracts = /* @__PURE__ */ new Set();
+    for (let index = 0; index < this.ops.length; index += 1) {
+      const op = this.ops[index];
+      if (!op) continue;
+      if (op.operation === "add") {
+        if (!op.name) {
+          errors.push({
+            code: "MISSING_NAME",
+            operationIndex: index,
+            message: `Add operation at index ${index} is missing required 'name' field`
+          });
+        } else {
+          if (seenAdds.has(op.name)) {
+            errors.push({
+              code: "DUPLICATE_NAME",
+              operationIndex: index,
+              message: `Duplicate name '${op.name}' at index ${index} (already added earlier in commit)`
+            });
+          }
+          seenAdds.add(op.name);
+        }
+      }
+      if (op.operation === "revise") {
+        const target = op.name ?? op.wref;
+        if (!target) {
+          errors.push({
+            code: "MISSING_WREF",
+            operationIndex: index,
+            message: `Revise operation at index ${index} is missing required target ('name' or 'wref')`
+          });
+        } else if (seenRetracts.has(target)) {
+          errors.push({
+            code: "REVISE_AFTER_RETRACT",
+            operationIndex: index,
+            message: `Revise at index ${index} targets '${target}' which was already retracted in this commit`
+          });
+        } else if (!seenAdds.has(target)) {
+          warnings.push({
+            code: "REVISE_UNKNOWN_WREF",
+            operationIndex: index,
+            message: `Revise at index ${index} references '${target}' which was not added in this commit (assuming it exists server-side)`
+          });
+        }
+      }
+      if (op.operation === "retract") {
+        if (!op.name) {
+          errors.push({
+            code: "MISSING_NAME",
+            operationIndex: index,
+            message: `Retract operation at index ${index} is missing required 'name' field`
+          });
+        } else if (seenRetracts.has(op.name)) {
+          warnings.push({
+            code: "RETRACT_AFTER_RETRACT",
+            operationIndex: index,
+            message: `Retract at index ${index} targets '${op.name}' which was already retracted in this commit`
+          });
+        } else {
+          if (!seenAdds.has(op.name)) {
+            warnings.push({
+              code: "RETRACT_UNKNOWN_WREF",
+              operationIndex: index,
+              message: `Retract at index ${index} references '${op.name}' which was not added in this commit (assuming it exists server-side)`
+            });
+          }
+          seenRetracts.add(op.name);
+        }
+      }
+    }
+    const preflightOps = this.ops.filter((op) => op.operation !== "retract").map((op) => {
+      if (op.operation === "add") {
+        return toPreflightOp(op, normalizeAddKind(op));
+      }
+      const target = op.name ?? op.wref;
+      return toPreflightOp(
+        op,
+        target ? normalizeReviseKind(op, target) : "thing"
+      );
+    });
+    const diagnostics = preflightCommitDiagnostics(preflightOps);
+    for (const diagnostic of diagnostics) {
+      errors.push({
+        code: diagnostic.code,
+        operationIndex: diagnostic.operationIndex,
+        message: diagnostic.message
+      });
+    }
+    if (this.ops.length === 0) {
+      errors.push({
+        code: "EMPTY_COMMIT",
+        operationIndex: -1,
+        message: "OperationBuilder has no operations"
+      });
+    }
+    return { valid: errors.length === 0, errors, warnings };
+  }
+  /**
+   * Validate, submit, and seal the builder.
+   *
+   * A successful call submits operations through the same stream path as `client.commit.apply` and makes the builder single-use. Validation failures throw before any server request is made. Ambiguous multi-chunk failures surface as `PartialStreamSubmissionError`.
+   *
+   * @param params.client WarmHub client or compatible stream client used for submission.
+   * @param params.message Optional commit message.
+   * @param params.committer Optional wref identifying the actor on whose behalf the write is made.
+   * @param params.chunkSize Maximum operations per stream append.
+   * @param params.streamId Advanced continuation hook for caller-managed streams.
+   * @param params.allocatedTokens Advanced continuation hook for `$N` / `#N` token allocation state.
+   * @param params.retry Retry policy for transient first-chunk failures, or `false` to disable automatic retry.
+   */
+  async commit(params) {
+    this.assertNotSubmitted();
+    if (this.inFlight) {
+      throw new Error("OperationBuilder: stream submission already in flight");
+    }
+    const validation = this.validate();
+    if (!validation.valid) {
+      const messages = validation.errors.map((entry) => entry.message).join("; ");
+      throw new Error(`OperationBuilder validation failed: ${messages}`);
+    }
+    this.inFlight = true;
+    try {
+      const operations = this.ops.map((op) => toBackendOp(op));
+      const result = await submitOperationsViaStream(params.client, {
+        orgName: params.orgName,
+        repoName: params.repoName,
+        committer: params.committer,
+        message: params.message,
+        chunkSize: params.chunkSize,
+        streamId: params.streamId,
+        allocatedTokens: params.allocatedTokens,
+        retry: params.retry,
+        operations
+      });
+      this.submitted = true;
+      return result;
+    } finally {
+      this.inFlight = false;
+    }
+  }
+  assertNotSubmitted() {
+    if (this.submitted) {
+      throw new Error("OperationBuilder: already submitted, cannot modify");
+    }
+  }
+};
+function inferShapeFromLocalPath(name) {
+  if (!name.includes("/")) return void 0;
+  return name.split("/")[0];
+}
+function inferShapeForAdd(op) {
+  if (op.shapeWref) return op.shapeWref;
+  if (op.name) {
+    return inferShapeFromLocalPath(op.name);
+  }
+  return void 0;
+}
+function inferKindFromName2(name) {
+  const parts = name.split("/").filter(Boolean);
+  if (parts.length >= 3) return "assertion";
+  if (parts.length === 2) return "thing";
+  return "thing";
+}
+function asNonEmptyString(value) {
+  if (typeof value !== "string") return void 0;
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : void 0;
+}
+function normalizeAddKind(op) {
+  if (op.kind === "shape" || op.kind === "thing" || op.kind === "assertion" || op.kind === "collection") {
+    return op.kind;
+  }
+  if (op.type && Array.isArray(op.members)) {
+    return "collection";
+  }
+  if (op.about !== void 0 || op.aboutWref !== void 0) {
+    return "assertion";
+  }
+  return op.name ? inferKindFromName2(op.name) : "thing";
+}
+function normalizeReviseKind(op, name) {
+  if (op.kind === "shape" || op.kind === "thing" || op.kind === "assertion" || op.kind === "collection") {
+    return op.kind;
+  }
+  return inferKindFromName2(name);
+}
+function toBackendOp(op) {
+  if (op.operation === "retract") {
+    return {
+      operation: "retract",
+      name: op.name,
+      ...op.kind ? { kind: op.kind } : {},
+      ...op.reason ? { reason: op.reason } : {}
+    };
+  }
+  if (op.operation === "add") {
+    const name2 = asNonEmptyString(op.name);
+    if (!name2) {
+      throw new Error("OperationBuilder: add operation missing name");
+    }
+    const kind2 = normalizeAddKind(op);
+    if (kind2 === "collection") {
+      const type = asNonEmptyString(op.type);
+      if (!type) {
+        throw new Error(
+          `OperationBuilder: collection add '${name2}' missing required 'type'`
+        );
+      }
+      const members = Array.isArray(op.members) ? op.members : [];
+      return {
+        operation: "add",
+        kind: kind2,
+        type,
+        members,
+        name: name2,
+        ...op.skipExisting === true ? { skipExisting: true } : {}
+      };
+    }
+    if (kind2 === "assertion") {
+      const about = op.about ?? op.aboutWref;
+      if (about === void 0) {
+        throw new Error(
+          `OperationBuilder: assertion add '${name2}' missing required 'about'`
+        );
+      }
+      return {
+        operation: "add",
+        kind: kind2,
+        name: name2,
+        about,
+        data: op.data ?? {},
+        ...op.skipExisting === true ? { skipExisting: true } : {}
+      };
+    }
+    return {
+      operation: "add",
+      kind: kind2,
+      name: name2,
+      data: op.data ?? {},
+      ...op.skipExisting === true ? { skipExisting: true } : {}
+    };
+  }
+  const name = asNonEmptyString(op.name) ?? asNonEmptyString(op.wref);
+  if (!name) {
+    throw new Error(
+      "OperationBuilder: revise operation missing required target ('name' or 'wref')"
+    );
+  }
+  const kind = normalizeReviseKind(op, name);
+  if (kind === "collection") {
+    throw new Error(
+      `OperationBuilder: collection revise is no longer supported \u2014 use retract('${name}') instead`
+    );
+  }
+  return {
+    operation: "revise",
+    kind,
+    name,
+    data: op.data ?? {}
+  };
+}
+function toPreflightOp(op, kind) {
+  if (op.operation === "add") {
+    return {
+      operation: op.operation,
+      kind,
+      name: op.name,
+      about: op.about ?? op.aboutWref,
+      type: op.type,
+      members: op.members
+    };
+  }
+  return {
+    operation: op.operation,
+    kind,
+    name: op.name ?? op.wref
+  };
+}
+function throwAggregatedMessages(messages) {
+  if (messages.length === 0) return;
+  throw new Error(messages.join("; "));
+}
+function preflightCheckCommon(verb, kind, name, data) {
+  const errors = [];
+  const requiresLocalPath = kind === "thing" || kind === "assertion" || kind === "collection" && verb === "REVISE";
+  if (requiresLocalPath) {
+    if (!splitLocalPath(name)) {
+      errors.push(
+        `${verb} ${kind} name must be a local path (Shape/name), got: "${name}"`
+      );
+    }
+  }
+  if (kind === "shape" && data !== void 0) {
+    const result = validateShapeDefinition(data);
+    if (!result.valid) {
+      errors.push(
+        `Invalid shape definition for "${name}": ${result.errors.join("; ")}`
+      );
+    }
+  }
+  return errors;
+}
+function preflightCheckAdd(op, kind) {
+  const messages = [];
+  if (op.name) {
+    messages.push(...preflightCheckCommon("ADD", kind, op.name, op.data));
+  }
+  for (const diagnostic of preflightOpDiagnostics(toPreflightOp(op, kind), 0)) {
+    messages.push(diagnostic.message);
+  }
+  throwAggregatedMessages(messages);
+}
+function preflightCheckRevise(kind, name, data) {
+  const messages = [];
+  if (data === void 0) {
+    messages.push(`OperationBuilder: ${kind} revise requires 'data'`);
+  }
+  messages.push(
+    ...preflightCheckCommon("REVISE", kind, name, data),
+    ...preflightOpDiagnostics(
+      toPreflightOp({ operation: "revise", name}, kind),
+      0
+    ).map((diagnostic) => diagnostic.message)
+  );
+  throwAggregatedMessages(messages);
+}
+
+// src/index.ts
+function normalizeWref(wref) {
+  return wref.replace(/@(?:v\d+|HEAD|ALL)$/i, "");
+}
+var SDK_VERSION = "0.44.0" ;
+var DEFAULT_API_URL = "https://api.warmhub.ai";
+var UNBATCHED_TRPC_PATHS = /* @__PURE__ */ new Set([
+  "repo.shapeInstanceCounts",
+  "thing.getMany"
+]);
+var DEFAULT_THING_GET_MANY_CHUNK_SIZE = 500;
+var MAX_THING_GET_MANY_CHUNK_SIZE = 500;
+var DEFAULT_THING_GET_MANY_CHUNK_CONCURRENCY = 1;
+var MAX_THING_GET_MANY_CHUNK_CONCURRENCY = 8;
+function normalizeSubscriptionInfo(subscription) {
+  return {
+    ...subscription,
+    actionContainer: void 0,
+    actionContainerConfig: void 0
+  };
+}
+function normalizeSubscriptionList(subscriptions) {
+  return subscriptions.map(
+    (subscription) => normalizeSubscriptionInfo(subscription)
+  );
+}
+async function* paginate(fetchPage, extractItems, initialCursor) {
+  let cursor = initialCursor;
+  for (; ; ) {
+    const page = await fetchPage(cursor);
+    for (const item of extractItems(page)) {
+      yield item;
+    }
+    if (!page.nextCursor) return;
+    cursor = page.nextCursor;
+  }
+}
+async function collectPaginatedPages(fetchPage, extractItems, max, initialCursor) {
+  if (max !== void 0 && (!Number.isFinite(max) || Math.trunc(max) !== max || max < 0)) {
+    throw new WarmHubError(
+      "VALIDATION_ERROR",
+      "max must be a nonnegative integer"
+    );
+  }
+  const items = [];
+  let cursor = initialCursor;
+  for (; ; ) {
+    const page = await fetchPage(cursor);
+    const pageItems = extractItems(page);
+    if (max !== void 0 && items.length + pageItems.length > max) {
+      throw new WarmHubError(
+        "VALIDATION_ERROR",
+        `Paginated result exceeded max=${max}`
+      );
+    }
+    items.push(...pageItems);
+    if (!page.nextCursor) return items;
+    cursor = page.nextCursor;
+  }
+}
+function normalizePositiveIntegerOption(value, defaultValue, maxValue) {
+  if (!Number.isFinite(value)) return defaultValue;
+  return Math.max(1, Math.min(maxValue, Math.trunc(value)));
+}
+function chunkArray(items, chunkSize) {
+  const chunks = [];
+  for (let start = 0; start < items.length; start += chunkSize) {
+    chunks.push(items.slice(start, start + chunkSize));
+  }
+  return chunks;
+}
+function sanitizeSubscriptionCreateInput(input) {
+  const {
+    actionContainer: _actionContainer,
+    actionContainerConfig: _actionContainerConfig,
+    ...supported
+  } = input;
+  return supported;
+}
+function sanitizeSubscriptionUpdateInput(input) {
+  const {
+    actionContainer: _actionContainer,
+    actionContainerConfig: _actionContainerConfig,
+    ...supported
+  } = input;
+  return supported;
+}
+function resolveFunctionLogMode(mode) {
+  return mode ?? "off";
+}
+var INTERNAL_PATTERNS = [
+  /\bselect\b.+?\bfrom\b/i,
+  /\binsert\b.+?\binto\b/i,
+  /\bupdate\b.+?\bset\b/i,
+  /\bdelete\b.+?\bfrom\b/i,
+  /\bparams:\s/i,
+  /\.ts\(\d+,\d+\)/,
+  /at\s+\S+\s+\(.*:\d+:\d+\)/,
+  /node_modules\//,
+  /drizzle/i
+];
+function sanitizeErrorMessage(message) {
+  for (const pattern of INTERNAL_PATTERNS) {
+    if (pattern.test(message)) {
+      return "An internal error occurred. Please try again or contact support.";
+    }
+  }
+  return message;
+}
+var WarmHubError = class extends Error {
+  /**
+   * Stable SDK error code or pass-through backend domain code. Branch on this
+   * (or the alias {@link kind}) to handle expected failure modes.
+   */
+  code;
+  /**
+   * HTTP status from the failing response when one was available.
+   */
+  status;
+  /**
+   * Optional human-readable hint surfaced by the backend.
+   */
+  hint;
+  /**
+   * Seconds the caller should wait before retrying. Present on `RATE_LIMITED`
+   * responses and other backend signals that carry a Retry-After header.
+   */
+  retryAfter;
+  constructor(code, message, status, hint, retryAfter) {
+    super(message);
+    this.name = "WarmHubError";
+    this.code = code;
+    this.status = status;
+    this.hint = hint;
+    this.retryAfter = retryAfter;
+  }
+  get kind() {
+    return this.code;
+  }
+};
+function assertContentWithinLimit(fieldLabel, value) {
+  if (typeof value !== "string") return;
+  const message = contentFieldLimitError(fieldLabel, value);
+  if (!message) return;
+  throw new WarmHubError("VALIDATION_ERROR", message);
+}
+function toWarmHubError(error) {
+  if (error instanceof WarmHubError) {
+    return error;
+  }
+  if (error instanceof TRPCClientError) {
+    if (error.cause instanceof WarmHubError) {
+      return error.cause;
+    }
+    const data = error.data;
+    const message = data?.warmhub?.message ?? sanitizeErrorMessage(error.message);
+    return new WarmHubError(
+      data?.warmhub?.code ?? "BACKEND",
+      message,
+      data?.warmhub?.status,
+      data?.warmhub?.hint,
+      data?.warmhub?.retryAfter
+    );
+  }
+  if (error instanceof Error) {
+    const warmhubLike = error;
+    if (error.name === "WarmHubError" && typeof warmhubLike.code === "string") {
+      return new WarmHubError(
+        warmhubLike.code,
+        sanitizeErrorMessage(error.message),
+        typeof warmhubLike.status === "number" ? warmhubLike.status : void 0,
+        typeof warmhubLike.hint === "string" ? warmhubLike.hint : void 0,
+        typeof warmhubLike.retryAfter === "number" ? warmhubLike.retryAfter : void 0
+      );
+    }
+    if (error.name === "AbortError") {
+      return new WarmHubError("CANCELLED", error.message);
+    }
+    if (error instanceof TypeError && /fetch/i.test(error.message)) {
+      return new WarmHubError("NETWORK", error.message);
+    }
+    return new WarmHubError("BACKEND", sanitizeErrorMessage(error.message));
+  }
+  return new WarmHubError("BACKEND", "Unknown SDK error");
+}
+function isWarmHubError(error) {
+  return error instanceof WarmHubError;
+}
+function isRetryable(error) {
+  const mapped = toWarmHubError(error);
+  return mapped.kind === "NETWORK" || mapped.kind === "CANCELLED" || mapped.kind === "BACKEND" || mapped.kind === "RATE_LIMITED";
+}
+var CONNECTION_ERROR_CODES = /* @__PURE__ */ new Set([
+  "ConnectionRefused",
+  "ECONNREFUSED",
+  "ENOTFOUND",
+  "ETIMEDOUT",
+  "EAI_AGAIN"
+]);
+function isConnectionError(error) {
+  if (error instanceof TypeError && /fetch/i.test(error.message)) {
+    return true;
+  }
+  if (error && typeof error === "object") {
+    const code = error.code;
+    if (typeof code === "string" && CONNECTION_ERROR_CODES.has(code)) {
+      return true;
+    }
+  }
+  return false;
+}
+function connectionErrorMessage(url) {
+  return `Unable to connect to ${url}. Is the computer able to access the url?`;
+}
+var WarmHubClient = class _WarmHubClient {
+  /**
+   * The resolved API base URL the client issues requests against. Defaults to
+   * {@link DEFAULT_API_URL} when no `apiUrl` is passed to the constructor.
+   */
+  apiUrl;
+  fetchImpl;
+  accessToken;
+  functionLogMode;
+  getToken;
+  /**
+   * Authentication helpers for browser sign-in flows, session checks, and token diagnostics.
+   */
+  auth = {
+    /**
+     * Return the configured browser authentication client ID.
+     *
+     * Use this in browser sign-in flows that need to initialize the configured auth provider before redirecting or opening a login UI.
+     */
+    getClientId: async () => {
+      try {
+        return await this.trpc.auth.getClientId.query();
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Sync the authenticated identity with WarmHub.
+     *
+     * Call after a browser or server session is established so WarmHub can provision or refresh the corresponding user and personal organization records.
+     */
+    sync: async () => {
+      try {
+        return await this.trpc.auth.sync.mutate();
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return the current authenticated WarmHub user.
+     *
+     * Throws when the request is unauthenticated or the token cannot be resolved.
+     */
+    currentUser: async () => {
+      try {
+        return await this.trpc.auth.currentUser.query();
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return authentication status, identity details, and token scope diagnostics for the current request.
+     */
+    whoami: async () => {
+      try {
+        return await this.trpc.auth.whoami.query();
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Lightweight permission checks for UI gating and service-side authorization probes.
+   */
+  access = {
+    /**
+     * Check whether the caller has a repo-scoped permission.
+     *
+     * @param permission Permission string such as `repo:read`, `repo:write`, `repo:configure`, or `repo:admin`.
+     */
+    checkRepoPermission: async (orgName, repoName, permission) => {
+      try {
+        return await this.trpc.access.checkRepoPermission.query({
+          orgName,
+          repoName,
+          permission
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Check whether the caller has an org-scoped permission.
+     *
+     * @param permission Permission string such as `org:read`, `org:configure`, or `org:admin`.
+     */
+    checkOrgPermission: async (orgName, permission) => {
+      try {
+        return await this.trpc.access.checkOrgPermission.query({
+          orgName,
+          permission
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Connectivity and compatibility helpers for checking the configured WarmHub backend.
+   */
+  diagnostics = {
+    /**
+     * Perform a health-check request against the configured backend URL.
+     *
+     * This uses the HTTP health endpoint rather than tRPC, so it is useful for distinguishing connection failures from procedure-level errors.
+     */
+    ping: async () => {
+      const response = await this.fetchWithAuth(
+        `${this.apiUrl.replace(/\/$/, "")}/health`
+      );
+      if (!response.ok) {
+        throw new WarmHubError(
+          "BACKEND",
+          `Health request failed with status ${response.status}`,
+          response.status
+        );
+      }
+      return await response.json();
+    },
+    /**
+     * Return backend API version, minimum supported SDK version, and feature flags.
+     */
+    capabilities: async () => {
+      try {
+        return await this.trpc.diagnostics.capabilities.query();
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Installed component inspection for packages that add shapes, subscriptions, credentials, and seed data to a repository.
+   *
+   * The top-level methods cover per-repo installation queries, bundled system installs, and the registry-backed install pipeline used by `wh component install <org/name>`.
+   */
+  component = {
+    /**
+     * List components installed in a repository.
+     *
+     * Pass pagination options when a repository may have many installed components.
+     */
+    list: async (orgName, repoName, opts) => {
+      try {
+        return await this.trpc.component.list.query({
+          orgName,
+          repoName,
+          limit: opts?.limit,
+          cursor: opts?.cursor
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Fetch one installed component by component ID.
+     */
+    get: async (orgName, repoName, componentId) => {
+      try {
+        return await this.trpc.component.get.query({
+          orgName,
+          repoName,
+          componentId
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Install an allowlisted bundled system component into a repository.
+     */
+    installSystem: async (orgName, repoName, componentId) => {
+      try {
+        return await this.trpc.component.installSystem.mutate({
+          orgName,
+          repoName,
+          componentId
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Registered-component identity and install-pipeline operations.
+     *
+     * This sub-surface drives the backend-mediated install flow that powers `wh component install <org/name>`. It manages registered component identities (`register`, `unregister`, `list`, `view`, `update`) and the install pipeline (`resolve` mints an install id, `downloadSource` fetches the source archive through the backend, `setupCall` dispatches the optional setup callback). Use these when building a custom installer; most callers should run the CLI instead.
+     */
+    registry: {
+      register: async (orgName, componentName, input = {}) => {
+        try {
+          return await this.trpc.component.registry.register.mutate({
+            orgName,
+            componentName,
+            ...input
+          });
+        } catch (error) {
+          throw toWarmHubError(error);
+        }
+      },
+      unregister: async (orgName, componentName) => {
+        try {
+          return await this.trpc.component.registry.unregister.mutate({
+            orgName,
+            componentName
+          });
+        } catch (error) {
+          throw toWarmHubError(error);
+        }
+      },
+      list: async (orgName) => {
+        try {
+          return await this.trpc.component.registry.list.query({ orgName });
+        } catch (error) {
+          throw toWarmHubError(error);
+        }
+      },
+      view: async (orgName, componentName) => {
+        try {
+          return await this.trpc.component.registry.view.query({
+            orgName,
+            componentName
+          });
+        } catch (error) {
+          throw toWarmHubError(error);
+        }
+      },
+      update: async (orgName, componentName, input) => {
+        try {
+          return await this.trpc.component.registry.update.mutate({
+            orgName,
+            componentName,
+            ...input
+          });
+        } catch (error) {
+          throw toWarmHubError(error);
+        }
+      },
+      resolve: async (orgName, componentName, installRepo) => {
+        return await this.requestJson(
+          `/api/component-registry/${encodeURIComponent(orgName)}/${encodeURIComponent(componentName)}/resolve`,
+          {
+            method: "POST",
+            headers: {
+              "content-type": "application/json"
+            },
+            body: JSON.stringify({ installRepo })
+          }
+        );
+      },
+      downloadSource: async (orgName, componentName, input) => {
+        const response = await this.requestResponse(
+          `/api/component-registry/${encodeURIComponent(orgName)}/${encodeURIComponent(componentName)}/source`,
+          {
+            method: "POST",
+            headers: {
+              "content-type": "application/json"
+            },
+            body: JSON.stringify(input)
+          }
+        );
+        return {
+          archive: new Uint8Array(await response.arrayBuffer()),
+          sourceUrl: response.headers.get("x-warmhub-source-url") ?? "",
+          sourceRef: response.headers.get("x-warmhub-source-ref") ?? void 0,
+          resolvedSha: response.headers.get("x-warmhub-resolved-sha") ?? void 0,
+          componentRef: response.headers.get("x-warmhub-component-ref") ?? `${orgName}/${componentName}`,
+          contentType: response.headers.get("content-type") || "application/octet-stream"
+        };
+      },
+      setupCall: async (orgName, componentName, input) => {
+        return await this.requestJson(
+          `/api/component-registry/${encodeURIComponent(orgName)}/${encodeURIComponent(componentName)}/setup-call`,
+          {
+            method: "POST",
+            headers: {
+              "content-type": "application/json"
+            },
+            body: JSON.stringify(input)
+          }
+        );
+      }
+    },
+    /**
+     * Operator-invoked CLI methods (GH-3193).
+     *
+     * `cli.call(orgName, componentName, method, { installRepo, args })`
+     * dispatches a component-declared method via the backend. The backend
+     * loads the install's manifest snapshot, verifies the method exists,
+     * authorizes the operator, signs the request with the install-repo
+     * credential set (HMAC over `${timestamp}.${body}` by default), and
+     * proxies the component service's JSON response back as the envelope's
+     * `body`.
+     *
+     * WarmHub-level failures (component not installed, method not in snapshot,
+     * `ComponentConfig.cliBaseUrl` missing, credentials missing, operator
+     * lacks `requiresPermission`) come back as a thrown `WarmHubError`.
+     * Upstream non-2xx responses do **not** throw — they arrive inside the
+     * envelope as `{ ok: false, status, body }` so the CLI can pretty-print
+     * the component's own error payload.
+     */
+    cli: {
+      call: async (orgName, componentName, method, input) => {
+        return await this.requestJson(
+          `/api/component-registry/${encodeURIComponent(orgName)}/${encodeURIComponent(componentName)}/cli/${encodeURIComponent(method)}`,
+          {
+            method: "POST",
+            headers: {
+              "content-type": "application/json"
+            },
+            body: JSON.stringify(input)
+          }
+        );
+      }
+    }
+  };
+  /**
+   * High-level write surface for submitting WarmHub operations through the commit pipeline.
+   *
+   * @see https://docs.warmhub.ai/sdk/commit-vs-builder/
+   */
+  commit = {
+    /**
+     * Submit one or more operations through WarmHub's commit pipeline.
+     *
+     * This is the primary write path for SDK callers. It streams operations to the backend, preserves server-side per-operation results, supports chunking for large submissions, and can attribute writes to a committer wref or installed component.
+     *
+     * Simple first-chunk transport failures are retried by default. Multi-chunk ambiguous failures are surfaced as `PartialStreamSubmissionError` so callers can inspect repository state before deciding whether to resume or retry. See [Transient Retry](/sdk/transient-retry/) for the full retry and partial-submission rules.
+     *
+     * Writing to an archived organization or repository fails with an `ARCHIVED` error before any operations are applied.
+     *
+     * @param message Optional commit message stored with the submitted operations.
+     * @param operations Add, revise, or retract operations to submit in order.
+     * @param opts.committer Optional wref identifying the actor on whose behalf the write is made. Must be a full wref string like `"Agent/bot-1"` (a thing that already exists), or a cross-repo wref like `"wh:other-org/other-repo/Agent/bot-1"`. Bare names such as `"eval-runner"` are rejected by the backend with a "Thing wref required" error — there is no implicit shape.
+     * @param opts.componentId Attribute writes to an installed component when the caller is allowed to claim it.
+     * @param opts.chunkSize Maximum operations per stream append. Values are clamped by the SDK.
+     * @param opts.skipExisting Return `noop` for add operations whose target already exists.
+     * @param opts.streamId Advanced continuation hook for caller-managed streams.
+     * @param opts.allocatedTokens Advanced continuation hook for `$N` / `#N` token allocation state.
+     * @param opts.retry Retry policy for transient first-chunk failures, or `false` to disable automatic retry.
+     */
+    apply: async (orgName, repoName, message, operations, opts) => {
+      try {
+        return await submitOperationsViaStream(this, {
+          orgName,
+          repoName,
+          committer: opts?.committer,
+          message,
+          componentId: opts?.componentId,
+          chunkSize: opts?.chunkSize,
+          skipExisting: opts?.skipExisting,
+          streamId: opts?.streamId,
+          allocatedTokens: opts?.allocatedTokens,
+          retry: opts?.retry,
+          operations
+        });
+      } catch (error) {
+        if (error instanceof PartialStreamSubmissionError) {
+          throw error;
+        }
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Organization management surface for namespaces, membership, roles, and scoped member permissions.
+   */
+  org = {
+    /**
+     * Get an organization by name.
+     */
+    get: async (orgName) => {
+      try {
+        return await this.trpc.org.get.query({ orgName });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return the caller's role in an organization, or `null` when the caller is not a member.
+     *
+     * Useful for UI gating before showing organization-level controls.
+     */
+    getCallerRole: async (orgName) => {
+      try {
+        return await this.trpc.org.getCallerRole.query({ orgName });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List organizations visible to the caller.
+     *
+     * Archived organizations are hidden unless `includeArchived` is set.
+     */
+    list: async (opts) => {
+      try {
+        const items = await this.trpc.org.list.query({
+          includeArchived: opts?.includeArchived
+        });
+        return { items };
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Create a new organization.
+     *
+     * The description is trimmed and empty strings are ignored. Organization names must avoid reserved public slugs such as `docs`, `api`, `login`, and `warmhub`.
+     *
+     * @param displayName Optional display label. Defaults to the organization name when omitted.
+     */
+    create: async (name, displayName, description) => {
+      try {
+        return await this.trpc.org.create.mutate({
+          name,
+          displayName,
+          description
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Set or clear an organization description.
+     *
+     * Descriptions are trimmed; empty strings clear the stored value.
+     */
+    setDescription: async (orgName, description) => {
+      try {
+        return await this.trpc.org.setDescription.mutate({
+          orgName,
+          description
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Update an organization's display name.
+     *
+     * Display names are trimmed; empty or whitespace-only values are rejected.
+     */
+    setDisplayName: async (orgName, displayName) => {
+      try {
+        return await this.trpc.org.setDisplayName.mutate({
+          orgName,
+          displayName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Rename an organization in place.
+     *
+     * The new slug must satisfy the same naming and reserved-name rules as organization creation.
+     */
+    rename: async (orgName, newName) => {
+      try {
+        return await this.trpc.org.rename.mutate({
+          orgName,
+          newName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Atomic combined update of an organization's display name and/or slug.
+     *
+     * Both writes run in a single backend transaction so a slug conflict cannot leave a partial display-name change behind. Pass at least one of `displayName` or `newName`.
+     */
+    update: async (input) => {
+      try {
+        return await this.trpc.org.update.mutate(input);
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Add a member to an organization or create a pending invite.
+     *
+     * The role defaults to `editor`. If the email address does not belong to an existing WarmHub user, WarmHub creates a pending invite and attempts to send the invite email asynchronously. Only owners can assign the `owner` role.
+     *
+     * @param role Organization role to assign. Defaults to `editor`.
+     */
+    addMember: async (orgName, email, role = "editor") => {
+      try {
+        return await this.trpc.org.addMember.mutate({
+          orgName,
+          email,
+          role
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Remove an active member or revoke a pending invite by email address.
+     */
+    removeMember: async (orgName, email) => {
+      try {
+        await this.trpc.org.removeMember.mutate({
+          orgName,
+          email
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Change a member's organization role.
+     *
+     * Only owners can promote another member to owner or demote an existing owner. WarmHub rejects attempts to remove the final owner.
+     */
+    changeMemberRole: async (orgName, email, role) => {
+      try {
+        return await this.trpc.org.changeMemberRole.mutate({
+          orgName,
+          email,
+          role
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Replace a member's scoped permission entries.
+     *
+     * Each entry targets either the organization (`acme`) or one repository (`acme/world`) and carries the full desired permission set for that resource. Matching entries replace the role-derived permission set for that resource; include every permission the member should retain.
+     *
+     * Member scope entries share the same wire shape as personal access token scopes, but `allowedMatches` is enforced for PATs only. Member scopes cannot restrict access by thing-name glob.
+     *
+     * @param scopes Scoped permission entries with `resource` and `permissions` fields.
+     */
+    setMemberScopes: async (orgName, email, scopes) => {
+      try {
+        await this.trpc.org.setMemberScopes.mutate({
+          orgName,
+          email,
+          scopes
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Remove all scoped permission entries from a member.
+     *
+     * After clearing, the member's effective access comes from their organization role only.
+     */
+    clearMemberScopes: async (orgName, email) => {
+      try {
+        await this.trpc.org.clearMemberScopes.mutate({
+          orgName,
+          email
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List organization members and pending invites.
+     *
+     * The response includes the caller's current organization role so frontend settings pages can gate owner/admin-only controls without making a second request.
+     *
+     * @param opts.pending When `true`, return only pending invites.
+     */
+    listMembers: async (orgName, opts) => {
+      try {
+        return await this.trpc.org.listMembers.query({
+          orgName,
+          pending: opts?.pending
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Archive an organization, blocking new repositories and membership changes.
+     */
+    archive: async (orgName) => {
+      try {
+        return await this.trpc.org.archive.mutate({
+          orgName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Unarchive an organization.
+     */
+    unarchive: async (orgName) => {
+      try {
+        return await this.trpc.org.unarchive.mutate({
+          orgName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Repository management surface for lifecycle operations, metadata, statistics, and content documents.
+   *
+   * @see https://docs.warmhub.ai/sdk/repo-stats/
+   */
+  repo = {
+    /**
+     * Get a repository by organization and repository name.
+     */
+    get: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.get.query({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return authoritative active-item totals for a single repository.
+     *
+     * The returned `total` is the sum of active shapes, things, and assertions. Use this when billing, quota checks, health reports, or per-shape breakdowns need single-repo stats.
+     *
+     * The per-shape breakdown counts active things by shape; assertions are not included in that map.
+     */
+    getStats: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.stats.query({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return active-item totals for up to 100 repositories in one request.
+     *
+     * Use this instead of issuing one `getStats` request per repository when building organization dashboards. Batch entries include the exact `total` for visible repositories; call `getStats` for an individual repository when you need the per-shape map.
+     */
+    getStatsBatch: async (orgName, repoNames) => {
+      try {
+        return await this.trpc.repo.statsBatch.query({
+          orgName,
+          repoNames
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return configuration-surface counts for a repository.
+     *
+     * Currently this reports the number of subscriptions attached to the repository, which is useful before delete or visibility-change flows.
+     */
+    getConfigureStats: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.configureStats.query({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return per-shape thing and assertion counts for a repository.
+     *
+     * The server computes the totals directly, so callers do not need to page through repository contents to build shape summary UI.
+     */
+    getShapeInstanceCounts: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.shapeInstanceCounts.query({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List repositories in an organization.
+     *
+     * Archived repositories are hidden by default. Search and sort options are applied before pagination.
+     */
+    list: async (orgName, opts) => {
+      try {
+        return await this.trpc.repo.list.query({
+          orgName,
+          limit: opts?.limit,
+          cursor: opts?.cursor,
+          includeArchived: opts?.includeArchived,
+          search: opts?.search,
+          sort: opts?.sort
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Create a repository inside an organization.
+     *
+     * Repositories are private by default. Descriptions are trimmed and capped by the backend.
+     *
+     * @param visibility `public` or `private`; defaults to `private`.
+     */
+    create: async (orgName, repoName, description, visibility) => {
+      try {
+        return await this.trpc.repo.create.mutate({
+          orgName,
+          repoName,
+          description,
+          visibility
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Set or clear a repository description.
+     *
+     * Descriptions are trimmed; empty strings clear the stored value.
+     */
+    setDescription: async (orgName, repoName, description) => {
+      try {
+        return await this.trpc.repo.setDescription.mutate({
+          orgName,
+          repoName,
+          description
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Set a repository's visibility to `public` or `private`.
+     */
+    setVisibility: async (orgName, repoName, visibility) => {
+      try {
+        return await this.trpc.repo.setVisibility.mutate({
+          orgName,
+          repoName,
+          visibility
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Rename a repository within its organization.
+     *
+     * The new name must be unused in the organization and follow the same path-segment rules as repository creation.
+     */
+    rename: async (orgName, repoName, newName) => {
+      try {
+        return await this.trpc.repo.rename.mutate({
+          orgName,
+          repoName,
+          newName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Archive a repository, blocking new writes.
+     */
+    archive: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.archive.mutate({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Unarchive a repository.
+     */
+    unarchive: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.unarchive.mutate({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Soft-delete a repository.
+     *
+     * The repository is hidden immediately and scheduled for permanent purge after a 30-day grace window. WarmHub blocks deletion when another repository still has inbound cross-repo references, active subscriptions, or active credential grants that depend on the repository.
+     */
+    delete: async (orgName, repoName) => {
+      try {
+        const result = await this.trpc.repo.delete.mutate({
+          orgName,
+          repoName
+        });
+        return { graceExpiresAt: new Date(result.graceExpiresAt) };
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Immediately and irreversibly purge a repository.
+     *
+     * This owner-only operation has no grace window and uses the same inbound-reference guard as `delete`.
+     */
+    hardDelete: async (orgName, repoName) => {
+      try {
+        await this.trpc.repo.hardDelete.mutate({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List repositories with dashboard-oriented per-repository metadata.
+     *
+     * Each item includes exact active counts, an activity-oriented `lastWriteAt`, and a `hasErrors` flag for terminal action failures.
+     *
+     * Search and sort are applied before pagination, so cursors remain stable across the filtered and ordered list.
+     */
+    listPage: async (orgName, opts) => {
+      try {
+        return await this.trpc.repo.listPage.query({
+          orgName,
+          limit: opts?.limit,
+          cursor: opts?.cursor,
+          includeArchived: opts?.includeArchived,
+          search: opts?.search,
+          sort: opts?.sort
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Fetch a repository's `Content/Readme` markdown record.
+     *
+     * The SDK contract allows `null`; current backend behavior returns a synthesized empty stub for repositories that have not committed README content yet. Callers should still null-check defensively.
+     */
+    getReadme: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.getReadme.query({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Generate a README draft from the repository's current shapes, things, and assertions.
+     *
+     * This does not commit the draft. Save returned content with `setReadme` after review.
+     */
+    generateReadme: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.generateReadme.mutate({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Fetch a repository's `Content/Agents` markdown record.
+     *
+     * The SDK contract allows `null`; current backend behavior mirrors `getReadme` and returns a synthesized empty stub when no AGENTS.md content has been committed yet.
+     */
+    getAgents: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.getAgents.query({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Commit a new `Content/Readme` value.
+     *
+     * The backend adds or revises the content record through the normal commit pipeline.
+     */
+    setReadme: async (orgName, repoName, content) => {
+      try {
+        assertContentWithinLimit("Content/Readme.content", content);
+        return await this.trpc.repo.setReadme.mutate({
+          orgName,
+          repoName,
+          content
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Commit a new `Content/Agents` value through the normal commit pipeline.
+     */
+    setAgents: async (orgName, repoName, content) => {
+      try {
+        assertContentWithinLimit("Content/Agents.content", content);
+        return await this.trpc.repo.setAgents.mutate({
+          orgName,
+          repoName,
+          content
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Generate an AGENTS.md draft from the repository's current content and schema.
+     *
+     * This does not commit the draft. Save returned content with `setAgents` after review.
+     */
+    generateAgents: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.generateAgents.mutate({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Fetch the synthesized `Content/LlmsTxt` sitemap for a repository.
+     *
+     * The returned markdown follows the llms.txt convention. Authenticated callers also receive structured reference metadata partitioned by readable outbound and inbound references; cross-org references the caller cannot read are omitted.
+     */
+    getLlmsTxt: async (orgName, repoName) => {
+      try {
+        return await this.trpc.repo.getLlmsTxt.query({
+          orgName,
+          repoName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Shape management surface for schema definitions that validate things and assertions.
+   */
+  shape = {
+    /**
+     * List shape definitions in a repository.
+     *
+     * Options can include retracted shapes, filter by component ownership, or hide component-owned shapes.
+     */
+    list: async (orgName, repoName, opts) => {
+      try {
+        return await this.trpc.shape.list.query({
+          orgName,
+          repoName,
+          match: opts?.match,
+          componentId: opts?.componentId,
+          excludeComponents: opts?.excludeComponents,
+          includeRetracted: opts?.includeRetracted
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Get one shape definition by name.
+     *
+     * Returns the full shape thing record, with `name`,
+     * `kind: "shape"`, `active`, and a nested `version: { version, operation,
+     * data, dataHash } | null`. This is **not** the same shape as the
+     * shape returned by `create` and `revise`: the change result
+     * is flat (`name`, `operation`, `version: number`, `dataHash`) and does
+     * not carry `data`. To read shape fields, call `get` and read
+     * `result.version?.data` — the change result alone is not enough.
+     *
+     * @param opts.includeRetracted Include a retracted shape instead of treating it as missing.
+     */
+    get: async (orgName, repoName, shapeName, opts) => {
+      try {
+        return await this.trpc.shape.get.query({
+          orgName,
+          repoName,
+          shapeName,
+          includeRetracted: opts?.includeRetracted
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Create a shape definition.
+     *
+     * Shape data should describe the fields used to validate things and assertions with that shape.
+     *
+     * Returns `{ name, operation, version, dataHash }`.
+     * The result confirms the write and exposes the new version number, but it
+     * does **not** include the shape data — call `client.shape.get` for the
+     * full shape record (with `kind`, `active`, and nested
+     * `version.data`).
+     *
+     * @param opts.description Optional human-readable shape description.
+     */
+    create: async (orgName, repoName, shapeName, fields, opts) => {
+      try {
+        return await this.trpc.shape.create.mutate({
+          orgName,
+          repoName,
+          shapeName,
+          fields,
+          description: opts?.description
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Revise a shape definition, creating a new shape version.
+     *
+     * Returns `{ name, operation, version, dataHash }`,
+     * the same flat shape as `create`. To read the revised fields back, call
+     * `client.shape.get` for the full shape record.
+     *
+     * @param opts.description Optional human-readable description for the revised shape.
+     */
+    revise: async (orgName, repoName, shapeName, newFields, opts) => {
+      try {
+        return await this.trpc.shape.revise.mutate({
+          orgName,
+          repoName,
+          shapeName,
+          newFields,
+          description: opts?.description
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Retract a shape definition.
+     */
+    remove: async (orgName, repoName, shapeName) => {
+      try {
+        return await this.trpc.shape.remove.mutate({
+          orgName,
+          repoName,
+          shapeName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Rename a shape within a repository.
+     *
+     * The rename is applied in place: the existing shape history is preserved and no new version is created.
+     */
+    rename: async (orgName, repoName, oldName, newName) => {
+      try {
+        return await this.trpc.shape.rename.mutate({
+          orgName,
+          repoName,
+          oldName,
+          newName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return add, revise, retract, and rename history for a shape.
+     *
+     * Use pagination options for long-lived shapes with many revisions.
+     */
+    history: async (orgName, repoName, name, opts = {}) => {
+      try {
+        return await this.trpc.shape.history.query({
+          orgName,
+          repoName,
+          name,
+          includeRetracted: opts.includeRetracted,
+          limit: opts.limit,
+          cursor: opts.cursor
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Webhook and cron subscription management surface scoped to a repository.
+   *
+   * @see https://docs.warmhub.ai/sdk/component-identity/#subscriptions
+   */
+  subscription = {
+    /**
+     * Create a webhook or cron subscription.
+     *
+     * Both subscription kinds require a delivery URL. Webhook subscriptions can also forward events from another repository, allow trace reentry, bind fallback delivery, and opt into success notifications. Component identity is set at creation time and follows the same authority rules as commit writes.
+     *
+     * Webhook subscriptions must specify a shape filter via `shapeName` or `filterJson.shape`, except [shape-lifecycle subscriptions](/subscriptions/creating/#shape-lifecycle-subscriptions) which omit both and rely on a `{ kind: 'shape', ... }` filter.
+     */
+    create: async (input) => {
+      try {
+        const result = await this.trpc.subscription.create.mutate(
+          sanitizeSubscriptionCreateInput(input)
+        );
+        return normalizeSubscriptionInfo(result);
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Get one subscription by name.
+     */
+    get: async (orgName, repoName, name) => {
+      try {
+        const result = await this.trpc.subscription.get.query({
+          orgName,
+          repoName,
+          name
+        });
+        return normalizeSubscriptionInfo(result);
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List subscriptions attached to a repository.
+     */
+    list: async (orgName, repoName) => {
+      try {
+        const result = await this.trpc.subscription.list.query({
+          orgName,
+          repoName
+        });
+        return normalizeSubscriptionList(result);
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Update an existing webhook or cron subscription.
+     *
+     * Use `null` for nullable fields such as fallback webhook URL when you need to clear an existing value.
+     */
+    update: async (input) => {
+      try {
+        const result = await this.trpc.subscription.update.mutate(
+          sanitizeSubscriptionUpdateInput(input)
+        );
+        return normalizeSubscriptionInfo(result);
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Pause a subscription.
+     */
+    pause: async (orgName, repoName, name) => {
+      try {
+        return await this.trpc.subscription.pause.mutate({
+          orgName,
+          repoName,
+          name
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Resume a paused subscription.
+     */
+    resume: async (orgName, repoName, name) => {
+      try {
+        return await this.trpc.subscription.resume.mutate({
+          orgName,
+          repoName,
+          name
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Delete a subscription.
+     */
+    remove: async (orgName, repoName, name) => {
+      try {
+        return await this.trpc.subscription.remove.mutate({
+          orgName,
+          repoName,
+          name
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Bind a credential set to a subscription for outbound webhook authentication.
+     */
+    bindCredentials: async (orgName, repoName, subscriptionName, credentialSetName) => {
+      try {
+        return await this.trpc.subscription.bindCredentials.mutate({
+          orgName,
+          repoName,
+          subscriptionName,
+          credentialSetName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Remove the credential set currently bound to a subscription.
+     */
+    unbindCredentials: async (orgName, repoName, subscriptionName) => {
+      try {
+        return await this.trpc.subscription.unbindCredentials.mutate({
+          orgName,
+          repoName,
+          subscriptionName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Low-level action lease, delivery, run, and notification primitives for subscription consumers.
+   */
+  action = {
+    /**
+     * Acquire an exclusive processing lease for a subscription consumer.
+     *
+     * @param holderId Stable identifier for the process claiming the lease.
+     * @param holderType Kind of consumer claiming the lease.
+     */
+    acquireLease: async (orgName, repoName, subscriptionName, holderId, holderType, opts) => {
+      try {
+        return await this.trpc.action.acquireLease.mutate({
+          orgName,
+          repoName,
+          subscriptionName,
+          holderId,
+          holderType,
+          graceMs: opts?.graceMs,
+          ttlMs: opts?.ttlMs
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Extend the TTL for an existing processing lease.
+     */
+    heartbeatLease: async (orgName, repoName, subscriptionName, holderId, ttlMs) => {
+      try {
+        return await this.trpc.action.heartbeatLease.mutate({
+          orgName,
+          repoName,
+          subscriptionName,
+          holderId,
+          ttlMs
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Release an existing processing lease.
+     */
+    releaseLease: async (orgName, repoName, subscriptionName, holderId) => {
+      try {
+        return await this.trpc.action.releaseLease.mutate({
+          orgName,
+          repoName,
+          subscriptionName,
+          holderId
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Claim one action delivery run for processing.
+     */
+    claimDelivery: async (orgName, repoName, runId, holderId) => {
+      try {
+        return await this.trpc.action.claimDelivery.mutate({
+          orgName,
+          repoName,
+          runId,
+          holderId
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Mark one claimed action delivery run as complete.
+     */
+    completeDelivery: async (orgName, repoName, runId, holderId) => {
+      try {
+        return await this.trpc.action.completeDelivery.mutate({
+          orgName,
+          repoName,
+          runId,
+          holderId
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Query the live delivery feed for a subscription.
+     *
+     * Use this for polling or live-log views that need recent delivery status entries.
+     */
+    liveFeed: async (orgName, repoName, subscriptionName, opts) => {
+      try {
+        return await this.trpc.action.liveFeed.query({
+          orgName,
+          repoName,
+          subscriptionName,
+          limit: opts?.limit,
+          cursor: opts?.cursor
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List subscription action runs for a repository.
+     *
+     * The result can be filtered by subscription name, status, and start time.
+     */
+    listRuns: async (orgName, repoName, opts) => {
+      try {
+        return await this.trpc.action.listRuns.query({
+          orgName,
+          repoName,
+          subscriptionName: opts?.subscriptionName,
+          status: opts?.status,
+          since: opts?.since,
+          limit: opts?.limit
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List delivery attempts for one action run.
+     */
+    getRunAttempts: async (orgName, repoName, runId) => {
+      try {
+        return await this.trpc.action.getRunAttempts.query({
+          orgName,
+          repoName,
+          runId
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List repo-scoped action notifications.
+     *
+     * Use `since` or `limit` to bound notification-center style reads.
+     */
+    listNotifications: async (orgName, repoName, opts) => {
+      try {
+        return await this.trpc.action.listNotifications.query({
+          orgName,
+          repoName,
+          since: opts?.since,
+          limit: opts?.limit
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Read surface for things, assertions, histories, references, search, and in-place thing renames.
+   */
+  thing = {
+    /**
+     * Return the current HEAD snapshot for repository contents.
+     *
+     * Filter by shape, kind, assertion target, or glob `match` pattern, and choose the data mode appropriate for the payload size. Component filters can narrow results to component-owned records or hide component infrastructure records.
+     *
+     * Tokenless reads of public repositories have stricter page-size and page-count limits than authenticated reads.
+     */
+    head: async (orgName, repoName, opts) => {
+      try {
+        const kind = opts?.kind === "shape" || opts?.kind === "thing" || opts?.kind === "assertion" || opts?.kind === "collection" ? opts.kind : void 0;
+        return await this.trpc.thing.head.query({
+          orgName,
+          repoName,
+          shape: opts?.shape,
+          kind,
+          match: opts?.match,
+          dataMode: opts?.dataMode,
+          includeRetracted: opts?.includeRetracted,
+          limit: opts?.limit,
+          cursor: opts?.cursor,
+          componentId: opts?.componentId,
+          excludeComponents: opts?.excludeComponents,
+          excludeInfraShapes: opts?.excludeInfraShapes
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Iterate every current HEAD row matching the supplied filters.
+     *
+     * Prefer this over hand-written cursor loops when scanning all matching records. Pass `opts.cursor` to resume from a saved cursor; the iterator advances the cursor automatically after the first request. Pass `limit` to control page size.
+     */
+    headIter: (orgName, repoName, opts) => {
+      return paginate(
+        (cursor) => this.thing.head(orgName, repoName, { ...opts, cursor }),
+        (page) => page.items,
+        opts?.cursor
+      );
+    },
+    /**
+     * Materialize every current HEAD row matching the supplied filters.
+     *
+     * Use `max` to guard memory usage; throws a `WarmHubError` with kind `VALIDATION_ERROR` once more than `max` items have actually been observed across pages.
+     */
+    headAll: async (orgName, repoName, opts) => {
+      const { max, ...pageOpts } = opts ?? {};
+      return await collectPaginatedPages(
+        (cursor) => this.thing.head(orgName, repoName, { ...pageOpts, cursor }),
+        (page) => page.items,
+        max,
+        pageOpts.cursor
+      );
+    },
+    /**
+     * Get one thing, assertion, shape, or collection by wref.
+     *
+     * @param version Optional exact version to pin when the wref is not already version-qualified.
+     * @param opts.includeRetracted Include retracted records instead of treating them as missing.
+     */
+    get: async (orgName, repoName, wref, version, opts) => {
+      try {
+        return await this.trpc.thing.get.query({
+          orgName,
+          repoName,
+          wref,
+          version,
+          includeRetracted: opts?.includeRetracted
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Get one record and its embedded assertion, about, and wref graph.
+     *
+     * Depth and limit options bound traversal size. References the caller cannot read remain string wrefs in the returned graph.
+     */
+    graph: async (orgName, repoName, wref, opts) => {
+      try {
+        return await this.trpc.thing.graph.query({
+          orgName,
+          repoName,
+          wref,
+          version: opts?.version,
+          depth: opts?.depth,
+          limit: opts?.limit
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Batch-fetch wrefs, auto-chunking above the backend's 500-wref transport cap.
+     *
+     * The result preserves duplicate requested wrefs and reports inaccessible or missing refs in `missing` rather than throwing per item. A top-level version pins every unqualified wref; per-wref version pins remain intact.
+     *
+     * @param version Optional exact version to apply to unqualified wrefs.
+     * @param opts.includeRetracted Include retracted records in `items` instead of reporting them in `missing`.
+     * @param opts.chunkSize Maximum wrefs per backend request. Defaults to 500 and is clamped to the backend cap.
+     * @param opts.chunkConcurrency Maximum concurrent chunk requests. Defaults to 1 and is clamped to 8.
+     */
+    getMany: async (orgName, repoName, wrefs, version, opts) => {
+      try {
+        if (wrefs.length === 0) {
+          return {
+            requested: 0,
+            items: [],
+            missing: []
+          };
+        }
+        const chunkSize = normalizePositiveIntegerOption(
+          opts?.chunkSize,
+          DEFAULT_THING_GET_MANY_CHUNK_SIZE,
+          MAX_THING_GET_MANY_CHUNK_SIZE
+        );
+        const chunkConcurrency = normalizePositiveIntegerOption(
+          opts?.chunkConcurrency,
+          DEFAULT_THING_GET_MANY_CHUNK_CONCURRENCY,
+          MAX_THING_GET_MANY_CHUNK_CONCURRENCY
+        );
+        const fetchChunk = async (chunkWrefs) => {
+          return await this.trpc.thing.getMany.query({
+            orgName,
+            repoName,
+            wrefs: chunkWrefs,
+            version,
+            includeRetracted: opts?.includeRetracted
+          });
+        };
+        if (wrefs.length <= chunkSize) {
+          return await fetchChunk(wrefs);
+        }
+        const chunks = chunkArray(wrefs, chunkSize);
+        const chunkResults = [];
+        for (let start = 0; start < chunks.length; start += chunkConcurrency) {
+          const batch = chunks.slice(start, start + chunkConcurrency);
+          const batchResults = await Promise.all(batch.map(fetchChunk));
+          chunkResults.push(...batchResults);
+        }
+        return {
+          requested: wrefs.length,
+          items: chunkResults.flatMap((result) => result.items),
+          missing: chunkResults.flatMap((result) => result.missing)
+        };
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return version history and timeline metadata for repository records.
+     *
+     * Provide at least one selector: a concrete wref, a shape filter, or an assertion target. Shape- and target-filtered histories support pagination and optional collection resolution.
+     */
+    history: async (orgName, repoName, opts) => {
+      try {
+        return await this.trpc.thing.history.query({
+          orgName,
+          repoName,
+          wref: opts.wref,
+          shape: opts.shape,
+          about: opts.about,
+          includeRetracted: opts.includeRetracted,
+          resolveCollections: opts.resolveCollections,
+          match: opts.match,
+          limit: opts.limit,
+          cursor: opts.cursor
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Rename a thing within its shape namespace.
+     *
+     * The rename is applied in place: the thing's existing history is preserved and no new version is created.
+     */
+    rename: async (orgName, repoName, shapeName, oldName, newName) => {
+      try {
+        return await this.trpc.thing.rename.mutate({
+          orgName,
+          repoName,
+          shapeName,
+          oldName,
+          newName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Resolve a wref to its current projected record.
+     */
+    resolve: async (orgName, repoName, wref) => {
+      try {
+        return await this.trpc.thing.resolve.query({
+          orgName,
+          repoName,
+          wref
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Return assertions about a thing or collection target.
+     *
+     * Filter by assertion shape or glob `match` pattern, optionally resolve collection targets, and page through large assertion sets with `limit` and `cursor`.
+     *
+     * Returns `{ target?, assertions, nextCursor? }`.
+     * The array is named `assertions`, **not** `items`. This breaks the repo-wide
+     * `items` convention used by `HeadResult`, `FilterResult`, `SearchResult`,
+     * `RefsResult`, and `LogResult`; destructure explicitly to avoid the trap:
+     *
+     * ```ts
+     * const { target, assertions } = await client.thing.about(org, repo, "Location/cave");
+     * for (const a of assertions) console.log(a.wref);
+     * ```
+     *
+     * Any returned subjective-logic opinion tuple `(b, d, u, α)` is a binomial opinion — well-formed only when the underlying assertion expresses a binary proposition. See [Opinions as Separate Assertions](/data-modeling/patterns/#opinions-as-separate-assertions).
+     */
+    about: async (orgName, repoName, wref, opts) => {
+      try {
+        return await this.trpc.thing.about.query({
+          orgName,
+          repoName,
+          wref,
+          shape: opts?.shape,
+          match: opts?.match,
+          includeRetracted: opts?.includeRetracted,
+          depth: opts?.depth,
+          resolveCollections: opts?.resolveCollections,
+          limit: opts?.limit,
+          cursor: opts?.cursor
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Iterate every assertion about a thing or collection target.
+     *
+     * Prefer this over hand-written cursor loops when scanning all matching assertions. The iterator reads the `assertions` envelope field and advances the cursor automatically; pass `opts.cursor` to resume from a saved cursor and `limit` to control page size.
+     */
+    aboutIter: (orgName, repoName, wref, opts) => {
+      return paginate(
+        (cursor) => this.thing.about(orgName, repoName, wref, { ...opts, cursor }),
+        (page) => page.assertions,
+        opts?.cursor
+      );
+    },
+    /**
+     * Materialize every assertion about a thing or collection target.
+     *
+     * Use `max` to guard memory usage; throws a `WarmHubError` with kind `VALIDATION_ERROR` once more than `max` assertions have actually been observed across pages.
+     */
+    aboutAll: async (orgName, repoName, wref, opts) => {
+      const { max, ...pageOpts } = opts ?? {};
+      return await collectPaginatedPages(
+        (cursor) => this.thing.about(orgName, repoName, wref, { ...pageOpts, cursor }),
+        (page) => page.assertions,
+        max,
+        pageOpts.cursor
+      );
+    },
+    /**
+     * Query repository records by shape, kind, assertion target, text filters, or glob `match` pattern.
+     *
+     * Use this for structured reads where the caller controls filters. For ranked text or vector search, use `thing.search`. For count-only reads, use `thing.count`.
+     */
+    query: async (orgName, repoName, opts) => {
+      try {
+        const kind = opts?.kind === "shape" || opts?.kind === "thing" || opts?.kind === "assertion" || opts?.kind === "collection" ? opts.kind : void 0;
+        return await this.trpc.thing.query.query({
+          orgName,
+          repoName,
+          shape: opts?.shape,
+          about: opts?.about,
+          kind,
+          match: opts?.match,
+          includeRetracted: opts?.includeRetracted,
+          resolveCollections: opts?.resolveCollections,
+          limit: opts?.limit,
+          cursor: opts?.cursor,
+          componentId: opts?.componentId,
+          excludeComponents: opts?.excludeComponents,
+          excludeInfraShapes: opts?.excludeInfraShapes
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Iterate every repository record matching the supplied filters.
+     *
+     * Prefer this over hand-written cursor loops when scanning all matching records. Pass `opts.cursor` to resume from a saved cursor; the iterator advances the cursor automatically after the first request. Pass `limit` to control page size.
+     */
+    queryIter: (orgName, repoName, opts) => {
+      return paginate(
+        (cursor) => this.thing.query(orgName, repoName, { ...opts, cursor }),
+        (page) => page.items,
+        opts?.cursor
+      );
+    },
+    /**
+     * Materialize every repository record matching the supplied filters.
+     *
+     * Use `max` to guard memory usage; throws a `WarmHubError` with kind `VALIDATION_ERROR` once more than `max` items have actually been observed across pages.
+     */
+    queryAll: async (orgName, repoName, opts) => {
+      const { max, ...pageOpts } = opts ?? {};
+      return await collectPaginatedPages(
+        (cursor) => this.thing.query(orgName, repoName, { ...pageOpts, cursor }),
+        (page) => page.items,
+        max,
+        pageOpts.cursor
+      );
+    },
+    /**
+     * Search repository records with text, vector, or hybrid mode.
+     *
+     * When searching with an assertion target or collection resolution, pages may be sparse; keep paginating until `nextCursor` is absent.
+     */
+    search: async (orgName, repoName, query, opts) => {
+      try {
+        const kind = opts?.kind === "shape" || opts?.kind === "thing" || opts?.kind === "assertion" || opts?.kind === "collection" ? opts.kind : void 0;
+        return await this.trpc.thing.search.query({
+          orgName,
+          repoName,
+          query,
+          shape: opts?.shape,
+          about: opts?.about,
+          kind,
+          match: opts?.match,
+          includeRetracted: opts?.includeRetracted,
+          resolveCollections: opts?.resolveCollections,
+          limit: opts?.limit,
+          cursor: opts?.cursor,
+          componentId: opts?.componentId,
+          excludeComponents: opts?.excludeComponents,
+          excludeInfraShapes: opts?.excludeInfraShapes,
+          mode: opts?.mode
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Count matching repository records without returning record data.
+     */
+    count: async (orgName, repoName, opts) => {
+      try {
+        const kind = opts?.kind === "shape" || opts?.kind === "thing" || opts?.kind === "assertion" || opts?.kind === "collection" ? opts.kind : void 0;
+        return await this.trpc.thing.count.query({
+          orgName,
+          repoName,
+          shape: opts?.shape,
+          about: opts?.about,
+          kind,
+          match: opts?.match,
+          includeRetracted: opts?.includeRetracted,
+          resolveCollections: opts?.resolveCollections,
+          componentId: opts?.componentId,
+          excludeComponents: opts?.excludeComponents,
+          excludeInfraShapes: opts?.excludeInfraShapes
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Query wref-typed field references for a record.
+     *
+     * Inbound mode finds records whose wref fields point at the supplied wref. Outbound mode finds records that the supplied record points to. Inbound queries can be narrowed to a field path.
+     */
+    refs: async (orgName, repoName, wref, opts) => {
+      try {
+        return await this.trpc.thing.refs.query({
+          orgName,
+          repoName,
+          wref,
+          direction: opts?.direction,
+          fieldPath: opts?.fieldPath,
+          limit: opts?.limit,
+          cursor: opts?.cursor
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Iterate every wref-typed field reference for a record.
+     *
+     * Prefer this over hand-written cursor loops when scanning all matching references. Pass `opts.cursor` to resume from a saved cursor; the iterator advances the cursor automatically after the first request. Pass `limit` to control page size.
+     */
+    refsIter: (orgName, repoName, wref, opts) => {
+      return paginate(
+        (cursor) => this.thing.refs(orgName, repoName, wref, { ...opts, cursor }),
+        (page) => page.items,
+        opts?.cursor
+      );
+    },
+    /**
+     * Materialize every wref-typed field reference for a record.
+     *
+     * Use `max` to guard memory usage; throws a `WarmHubError` with kind `VALIDATION_ERROR` once more than `max` refs have actually been observed across pages.
+     */
+    refsAll: async (orgName, repoName, wref, opts) => {
+      const { max, ...pageOpts } = opts ?? {};
+      return await collectPaginatedPages(
+        (cursor) => this.thing.refs(orgName, repoName, wref, { ...pageOpts, cursor }),
+        (page) => page.items,
+        max,
+        pageOpts.cursor
+      );
+    }
+  };
+  /**
+   * Live repository update surface backed by server-sent events.
+   */
+  live = {
+    /**
+     * Stream refreshed `thing.head` results whenever the repository changes.
+     *
+     * The SDK re-runs the underlying `thing.head` query after each invalidation and passes the latest snapshot to `onUpdate`.
+     */
+    thingHead: async (orgName, repoName, opts, onUpdate) => {
+      return this.watchRepoQuery(
+        orgName,
+        repoName,
+        opts?.signal,
+        () => this.thing.head(orgName, repoName, {
+          shape: opts?.shape,
+          kind: opts?.kind,
+          match: opts?.match,
+          dataMode: opts?.dataMode,
+          limit: opts?.limit,
+          cursor: opts?.cursor,
+          includeRetracted: opts?.includeRetracted
+        }),
+        onUpdate
+      );
+    },
+    /**
+     * Stream refreshed history results for a single wref whenever the repository changes.
+     */
+    thingHistory: async (orgName, repoName, opts, onUpdate) => {
+      return this.watchRepoQuery(
+        orgName,
+        repoName,
+        opts.signal,
+        () => this.thing.history(orgName, repoName, {
+          wref: opts.wref,
+          limit: opts.limit,
+          cursor: opts.cursor,
+          includeRetracted: opts.includeRetracted
+        }),
+        onUpdate
+      );
+    },
+    /**
+     * Stream refreshed action live-feed entries for a subscription.
+     */
+    subscriptionLog: async (orgName, repoName, subscriptionName, opts, onUpdate) => {
+      return this.watchRepoQuery(
+        orgName,
+        repoName,
+        opts?.signal,
+        () => this.action.liveFeed(orgName, repoName, subscriptionName, {
+          limit: opts?.limit,
+          cursor: opts?.cursor
+        }),
+        onUpdate
+      );
+    },
+    /**
+     * Subscribe to raw repository invalidation events.
+     *
+     * Unlike the higher-level live helpers, this method does not re-query. It
+     * forwards invalidation metadata such as affected shapes, affected things,
+     * affected assertion targets, and whether the event corresponds to a new
+     * commit.
+     *
+     * @param opts.signal Optional abort signal used to close the SSE stream.
+     * @param onEvent Callback invoked for each repository invalidation event.
+     */
+    subscribe: async (orgName, repoName, opts, onEvent) => {
+      const controller = new AbortController();
+      const signal = linkAbortSignal(opts?.signal, controller);
+      let updates = 0;
+      const closed = (async () => {
+        const ticket = await this.trpc.live.issueTicket.mutate({
+          orgName,
+          repoName
+        });
+        const stream = await this.openSse(
+          ticket.ticket,
+          signal,
+          async (event) => {
+            if (event.type !== "invalidate") {
+              return;
+            }
+            const data = event.data;
+            updates++;
+            await onEvent({
+              topic: data.topic,
+              affectedShapes: data.affectedShapes,
+              affectedThings: data.affectedThings,
+              affectedTargets: data.affectedTargets,
+              hasNewCommit: data.hasNewCommit
+            });
+          }
+        );
+        await stream.ready;
+        if (signal.aborted) {
+          return { updates };
+        }
+        await stream.closed;
+        return { updates };
+      })();
+      return {
+        close() {
+          controller.abort();
+        },
+        closed
+      };
+    }
+  };
+  /**
+   * Personal access token management for the authenticated user.
+   */
+  token = {
+    /**
+     * Create a personal access token for the authenticated user.
+     *
+     * Omit `scopes` to mint a token with the same authority as the calling principal. PATs cannot create or revoke other PATs — token-management permissions are excluded from the grantable set. Server enforces a maximum lifetime; pass an `expiresAt` unix-millis value to clamp earlier.
+     *
+     * See [Personal Access Tokens](/auth/personal-access-tokens/) for scope grammar (resource format, permission strings, `allowedMatches`), rotation, and CI usage.
+     *
+     * @param input.name Caller-chosen identifier for the token, returned in `list`, `get`, and `revoke`.
+     * @param input.scopes Scope entries narrowing the token's authority. Omit for full-principal authority.
+     * @param input.expiresAt Unix epoch milliseconds at which the token expires.
+     * @param input.description Human-readable description shown in token listings.
+     */
+    create: async (input) => {
+      try {
+        return await this.trpc.token.create.mutate(input);
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List personal access tokens for the authenticated user.
+     */
+    list: async () => {
+      try {
+        return await this.trpc.token.list.query();
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Get one personal access token by name.
+     */
+    get: async (name) => {
+      try {
+        return await this.trpc.token.get.query({ name });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Revoke a personal access token by name.
+     */
+    revoke: async (name) => {
+      try {
+        return await this.trpc.token.revoke.mutate({ name });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Low-level stream append surface for callers that already have backend stream operations.
+   */
+  stream = {
+    /**
+     * Append one non-empty chunk of stream operations to a repository.
+     *
+     * Most callers should prefer `commit.apply` or `OperationBuilder`. Use this low-level surface only when you already have stream operations, a stream ID, and any allocated `$N` / `#N` token state you need to continue.
+     */
+    append: async (input) => {
+      try {
+        return await this.trpc.stream.append.mutate(input);
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Credential set management for subscription webhook authentication and component integrations.
+   *
+   * Sets are scoped at creation time. Repo-scoped sets are visible only to the owning repo; org-scoped sets can be granted to multiple repositories in the same organization. Methods that operate on a specific set accept `repoName: string | undefined` — pass the owning repo name for repo-scoped sets or `undefined` for org-scoped sets.
+   */
+  credential = {
+    /**
+     * Create a credential set.
+     *
+     * Credential sets are repo-scoped by default. Org-scoped sets can be granted to multiple repositories in the same organization.
+     */
+    createSet: async (orgName, repoName, name, opts) => {
+      try {
+        return await this.trpc.credential.createSet.mutate({
+          orgName,
+          repoName,
+          name,
+          scope: opts?.scope ?? "repo",
+          description: opts?.description
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List credential sets visible from a repository.
+     */
+    listSets: async (orgName, repoName) => {
+      try {
+        return await this.trpc.credential.listSets.query({ orgName, repoName });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Get credential set metadata without secret values.
+     */
+    getSet: async (orgName, repoName, name) => {
+      try {
+        return await this.trpc.credential.getSet.query({
+          orgName,
+          repoName,
+          name
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Set or replace one secret key in a credential set.
+     */
+    setKey: async (orgName, repoName, setName, keyName, value) => {
+      try {
+        return await this.trpc.credential.setKey.mutate({
+          orgName,
+          repoName,
+          setName,
+          keyName,
+          value
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Set or replace multiple secret keys in one request.
+     */
+    setKeys: async (orgName, repoName, setName, secrets) => {
+      try {
+        return await this.trpc.credential.setKeys.mutate({
+          orgName,
+          repoName,
+          setName,
+          secrets
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Remove one secret key from a credential set.
+     */
+    unsetKey: async (orgName, repoName, setName, keyName) => {
+      try {
+        return await this.trpc.credential.unsetKey.mutate({
+          orgName,
+          repoName,
+          setName,
+          keyName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Delete a credential set and its stored secrets.
+     */
+    deleteSet: async (orgName, repoName, setName) => {
+      try {
+        return await this.trpc.credential.deleteSet.mutate({
+          orgName,
+          repoName,
+          setName
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * List audit entries for a credential set.
+     */
+    listAuditLog: async (orgName, repoName, setName, opts) => {
+      try {
+        return await this.trpc.credential.listAuditLog.query({
+          orgName,
+          repoName,
+          setName,
+          limit: opts?.limit
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    },
+    /**
+     * Revoke a credential set so it can no longer be exported or bound.
+     */
+    revokeSet: async (orgName, repoName, setName, opts) => {
+      try {
+        return await this.trpc.credential.revokeSet.mutate({
+          orgName,
+          repoName,
+          setName,
+          reason: opts?.reason
+        });
+      } catch (error) {
+        throw toWarmHubError(error);
+      }
+    }
+  };
+  /**
+   * Alias for `credential`.
+   *
+   * @hidden
+   */
+  credentials = this.credential;
+  constructor(apiUrlOrOptions, maybeOptions) {
+    const options = typeof apiUrlOrOptions === "string" ? maybeOptions : apiUrlOrOptions;
+    const apiUrl = typeof apiUrlOrOptions === "string" ? apiUrlOrOptions : apiUrlOrOptions?.apiUrl ?? DEFAULT_API_URL;
+    this.apiUrl = apiUrl;
+    this.fetchImpl = options?.fetch;
+    this.accessToken = options?.accessToken ?? options?.auth?.getToken;
+    this.functionLogMode = options?.functionLogs ?? "off";
+    if (typeof this.accessToken === "function") {
+      const provider = this.accessToken;
+      this.getToken = async () => await provider();
+    } else if (this.accessToken) {
+      const token = this.accessToken;
+      this.getToken = async () => token;
+    }
+    const url = `${apiUrl.replace(/\/$/, "")}/trpc`;
+    const fetch = ((input, init) => this.fetchWithAuth(input, init));
+    Object.defineProperty(this, "trpc", {
+      value: createTRPCProxyClient({
+        links: [
+          splitLink({
+            // Procedures that can be slow on large repos get their own
+            // un-batched HTTP request so a single slow query can't 502 the
+            // render-critical batch alongside it. See issue #1943.
+            condition: (op) => UNBATCHED_TRPC_PATHS.has(op.path),
+            // methodOverride puts inputs in the request body so single-op
+            // queries with large array payloads (e.g. thing.getMany with
+            // hundreds of wrefs) don't blow past Render's ~8 KB URL cap.
+            // tRPC's maxURLLength only splits multi-op batches. See #2390.
+            true: httpLink({ url, fetch, methodOverride: "POST" }),
+            false: httpBatchLink({ url, fetch, methodOverride: "POST" })
+          })
+        ]
+      }),
+      enumerable: false,
+      writable: false,
+      configurable: true
+    });
+  }
+  /**
+   * Return a new client that shares this client's backend URL and fetch implementation but uses a different access-token provider.
+   */
+  withAccessToken(accessToken) {
+    return new _WarmHubClient({
+      apiUrl: this.apiUrl,
+      fetch: this.fetchImpl,
+      accessToken
+    });
+  }
+  /**
+   * Alias for `action`.
+   *
+   * @hidden
+   */
+  actions = this.action;
+  async openSse(ticket, signal, onEvent) {
+    const response = await this.fetchWithAuth(
+      `${this.apiUrl.replace(/\/$/, "")}/sse?ticket=${encodeURIComponent(ticket)}`,
+      {
+        headers: {
+          accept: "text/event-stream"
+        },
+        signal
+      }
+    );
+    if (!response.ok) {
+      throw new WarmHubError(
+        "BACKEND",
+        `SSE request failed with status ${response.status}`,
+        response.status
+      );
+    }
+    const reader = response.body?.getReader();
+    if (!reader) {
+      throw new WarmHubError("BACKEND", "SSE response body is missing");
+    }
+    let resolveReady = () => {
+    };
+    const ready = new Promise((resolve) => {
+      resolveReady = resolve;
+    });
+    const closed = (async () => {
+      const decoder = new TextDecoder();
+      let buffer = "";
+      try {
+        while (true) {
+          const { done, value } = await reader.read();
+          if (done) {
+            break;
+          }
+          buffer += decoder.decode(value, { stream: true }).replaceAll("\r\n", "\n");
+          while (true) {
+            const separatorIndex = buffer.indexOf("\n\n");
+            if (separatorIndex === -1) {
+              break;
+            }
+            const chunk = buffer.slice(0, separatorIndex);
+            buffer = buffer.slice(separatorIndex + 2);
+            const parsed = parseSseChunk(chunk);
+            if (!parsed) {
+              continue;
+            }
+            if (parsed.type === "ready") {
+              resolveReady();
+              continue;
+            }
+            await onEvent(parsed);
+          }
+        }
+      } catch (error) {
+        if (isAbortError(error) || signal.aborted) {
+          return;
+        }
+        throw error;
+      } finally {
+        resolveReady();
+        reader.releaseLock();
+      }
+    })();
+    return {
+      ready,
+      closed
+    };
+  }
+  async fetchWithAuth(input, init) {
+    const fetchImpl = this.fetchImpl ?? globalThis.fetch;
+    const headers = new Headers(init?.headers);
+    const token = await resolveAccessToken(this.accessToken);
+    if (token) {
+      headers.set("authorization", `Bearer ${token}`);
+    }
+    const doFetch = async (reqInit) => {
+      try {
+        return await fetchImpl(input, reqInit);
+      } catch (err) {
+        if (isConnectionError(err)) {
+          throw new WarmHubError("NETWORK", connectionErrorMessage(this.apiUrl));
+        }
+        throw err;
+      }
+    };
+    const response = await doFetch({ ...init, headers });
+    if (response.status === 401 && typeof this.accessToken === "function") {
+      const freshToken = await resolveAccessToken(this.accessToken);
+      if (freshToken && freshToken !== token) {
+        const retryHeaders = new Headers(init?.headers);
+        retryHeaders.set("authorization", `Bearer ${freshToken}`);
+        return doFetch({ ...init, headers: retryHeaders });
+      }
+    }
+    return response;
+  }
+  async requestResponse(path, init) {
+    const response = await this.fetchWithAuth(
+      `${this.apiUrl.replace(/\/$/, "")}${path}`,
+      init
+    );
+    if (!response.ok) {
+      let message = `Request failed with status ${response.status}`;
+      let code = httpStatusToWarmHubCode(response.status);
+      let hint;
+      let retryAfter;
+      try {
+        const body = await response.json();
+        if (typeof body.error?.message === "string") {
+          message = body.error.message;
+        }
+        if (typeof body.error?.code === "string") {
+          code = body.error.code;
+        }
+        if (typeof body.error?.hint === "string") {
+          hint = body.error.hint;
+        }
+        if (typeof body.error?.retryAfter === "number") {
+          retryAfter = body.error.retryAfter;
+        }
+      } catch {
+      }
+      throw new WarmHubError(code, message, response.status, hint, retryAfter);
+    }
+    return response;
+  }
+  async requestJson(path, init) {
+    const response = await this.requestResponse(path, init);
+    return await response.json();
+  }
+  async watchRepoQuery(orgName, repoName, signalInput, query, onUpdate) {
+    const controller = new AbortController();
+    const signal = linkAbortSignal(signalInput, controller);
+    let updates = 0;
+    const closed = (async () => {
+      const emit = async () => {
+        const result = await query();
+        updates += 1;
+        await onUpdate(result);
+      };
+      const ticket = await this.trpc.live.issueTicket.mutate({
+        orgName,
+        repoName
+      });
+      const stream = await this.openSse(
+        ticket.ticket,
+        signal,
+        async (event) => {
+          if (event.type !== "invalidate") {
+            return;
+          }
+          await emit();
+        }
+      );
+      await stream.ready;
+      if (signal.aborted) {
+        return { updates };
+      }
+      await emit();
+      await stream.closed;
+      return { updates };
+    })();
+    return {
+      close() {
+        controller.abort();
+      },
+      closed
+    };
+  }
+};
+function httpStatusToWarmHubCode(status) {
+  switch (status) {
+    case 400:
+      return "VALIDATION_ERROR";
+    case 401:
+      return "UNAUTHENTICATED";
+    case 403:
+      return "FORBIDDEN";
+    case 404:
+      return "NOT_FOUND";
+    case 409:
+      return "CONFLICT";
+    case 429:
+      return "RATE_LIMITED";
+    default:
+      return "BACKEND";
+  }
+}
+async function resolveAccessToken(provider) {
+  if (!provider) {
+    return void 0;
+  }
+  if (typeof provider === "string") {
+    return provider;
+  }
+  return provider();
+}
+function linkAbortSignal(external, controller) {
+  if (!external) {
+    return controller.signal;
+  }
+  if (external.aborted) {
+    controller.abort();
+    return controller.signal;
+  }
+  external.addEventListener("abort", () => controller.abort(), { once: true });
+  return controller.signal;
+}
+function parseSseChunk(chunk) {
+  let event = "message";
+  const dataLines = [];
+  for (const line of chunk.split("\n")) {
+    if (!line || line.startsWith(":")) {
+      continue;
+    }
+    if (line.startsWith("event:")) {
+      event = line.slice("event:".length).trim();
+      continue;
+    }
+    if (line.startsWith("data:")) {
+      dataLines.push(line.slice("data:".length).trim());
+    }
+  }
+  if (dataLines.length === 0) {
+    return null;
+  }
+  const joined = dataLines.join("\n");
+  return {
+    type: event,
+    data: JSON.parse(joined)
+  };
+}
+function isAbortError(error) {
+  return error instanceof Error && error.name === "AbortError";
+}
+
+export { CONTENT_FIELD_LIMIT_ERROR, DEFAULT_API_URL, DEFAULT_STREAM_CHUNK_SIZE, MAX_CONTENT_FIELD_BYTES, MAX_STREAM_APPEND_OPERATION_COUNT2 as MAX_STREAM_APPEND_OPERATION_COUNT, OperationBuilder, PartialStreamSubmissionError, SDK_VERSION, WarmHubClient, WarmHubError, connectionErrorMessage, contentFieldLimitError, isConnectionError, isRetryable, isWarmHubError, normalizeWref, resolveFunctionLogMode, sanitizeErrorMessage, submitOperationsViaStream, toWarmHubError, validateAgainstShape };
+//# sourceMappingURL=chunk-PKA25PT7.js.map
+//# sourceMappingURL=chunk-PKA25PT7.js.map